🔔Notify URL (Webhook)

Save a project webhook url to receive subwallet deposit callback/notifications.

Step 1: Select "Configure Webhook" from "Projects" on Dashboard.

Step 2: Input your webhook URL into the field provided and click "Save"

Step 3: Send test notification to webhook url for development purposes.

🔔 Sample notification `POST`to your webhook url

{
  "type": "DEPOSIT",
  "network": "TRON",
  "status": "SUCCESS",
  "hash": "cd2df87daa2001c678f5be970851278987a45132f165f62e5f1e1987c43d5cf7",
  "fromAddress": "TDmarSrhZg7LaUaQyzez7UA2EZrCLWXEjw",
  "toAddress": "TTcVb5oLA7UDGCDvTs7DtQo9ktJWgYPCkC",
  "contractAddress": "TR7NHqjeKQxGTCi8q8ZY4pL8otSzgjLj6t",
  "value": "787.41",
  "assetName": "Tether USD",
  "assetSymbol": "USDT",
  "networkFee": "1",
  "platformFee": "3.93705",
  "timestamp": 1618564124
}

Go to https://webhook.site/ and use the given unique url to immediately inspect and test notifications sent by Multichain.

Step 4: 🔥 Validating data received at callback URL (Webhook) It is considered standard practice to respond with 200 OK once you have successfully received a webhook callback (notification).

function isValidSignature(request) {    
    const secretKey = 'Secret Key provided by Multichain on the Project (View Key) list popup';
    const headers = request.headers;
    const signature = headers['multichain-api-key']; // Lowercase for NodeJS
    const body = request.body;    
    const hmac = crypto.createHmac('sha256', secretKey) // Create a HMAC SHA256 hash using the auth token
    hmac.update(body, 'utf8') // Update the token hash with the request body using utf8
    const digest = hmac.digest('hex');     
    return (signature === digest); // If signature equals your computed hash, return true
}

import hmac
import hashlib
import json
def isValidSignature(request):
    secretKey = '<your Secret Key goes here>';
    headers = request['headers'];
    signature = headers['multichain-api-key']; 
    body = request['body'];
    string_body = json.dumps(body, separators=(',', ':'))
    
    digest = hmac.new(
		    bytes(secretKey, 'utf-8'),
		    msg=bytes(string_body, 'utf-8'), 
		    digestmod=hashlib.sha256
    ).hexdigest()
    
return (signature == digest);

Make sure only to store validated transactions by type DEPOSIT using hash as the unique - primary key which will reject and prevent duplicated deposits in any case where your system receives a repeated webhook notification.

Note that webhook notification max retry is 5️ times; Notification will stop if no 200 OK response from your application is received within the retries. 🔔You may however manually re-send the notification from the user dashboard under the "Subwallet Deposits" tab. (Image reference below.)

PreviousCreate a Project NextDeveloper API

Last updated 3 years ago

Was this helpful?

🔔 Sample notification POSTto your webhook url

🔔 Sample notification `POST`to your webhook url