# Notify URL (Webhook) **Step 1:** Select "Configure Webhook" from "Projects" on Dashboard. ![Configure webhook](https://1757123647-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Mb1aW0TkqAysc62vCm_%2F-MkD6PskCwRO1MU5P-t7%2F-MkD9HvhdG8u3x5slpJI%2Fimage.png?alt=media\&token=f6e46e4b-861f-46dd-93ec-50fe8e1cdf92) **Step 2:** Input your webhook URL into the field provided and click "Save" ![Save your webhook callback url under "Projects"](https://1757123647-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Mb1aW0TkqAysc62vCm_%2F-MkD6PskCwRO1MU5P-t7%2F-MkD95VZ9vY67jSAG8lE%2Fimage.png?alt=media\&token=863bfdce-e99b-4939-9393-25bdb35e810c) **Step 3:** Send test notification to webhook url for development purposes. !["Send test notification" option](https://1757123647-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Mb1aW0TkqAysc62vCm_%2F-MkD6PskCwRO1MU5P-t7%2F-MkD9vOGXzphU70uBeKg%2Fimage.png?alt=media\&token=fe9bf8fd-05c4-4733-8f20-2a3ebfe5816e) ### 🔔 Sample notification *`POST`*to your webhook url ``` { "type": "DEPOSIT", "network": "TRON", "status": "SUCCESS", "hash": "cd2df87daa2001c678f5be970851278987a45132f165f62e5f1e1987c43d5cf7", "fromAddress": "TDmarSrhZg7LaUaQyzez7UA2EZrCLWXEjw", "toAddress": "TTcVb5oLA7UDGCDvTs7DtQo9ktJWgYPCkC", "contractAddress": "TR7NHqjeKQxGTCi8q8ZY4pL8otSzgjLj6t", "value": "787.41", "assetName": "Tether USD", "assetSymbol": "USDT", "networkFee": "1", "platformFee": "3.93705", "timestamp": 1618564124 } ``` {% hint style="info" %} Go to and use the given unique url to immediately inspect and test notifications sent by Multichain. {% endhint %} **Step 4:** :fire: Validating data received at callback URL (Webhook)\ It is considered standard practice to respond with `200 OK` once you have successfully received a webhook callback (notification). {% tabs %} {% tab title="Javascript" %} ```javascript function isValidSignature(request) { const secretKey = 'Secret Key provided by Multichain on the Project (View Key) list popup'; const headers = request.headers; const signature = headers['multichain-api-key']; // Lowercase for NodeJS const body = request.body; const hmac = crypto.createHmac('sha256', secretKey) // Create a HMAC SHA256 hash using the auth token hmac.update(body, 'utf8') // Update the token hash with the request body using utf8 const digest = hmac.digest('hex'); return (signature === digest); // If signature equals your computed hash, return true } ``` {% endtab %} {% tab title="Python" %} ```python import hmac import hashlib import json def isValidSignature(request): secretKey = ''; headers = request['headers']; signature = headers['multichain-api-key']; body = request['body']; string_body = json.dumps(body, separators=(',', ':')) digest = hmac.new( bytes(secretKey, 'utf-8'), msg=bytes(string_body, 'utf-8'), digestmod=hashlib.sha256 ).hexdigest() return (signature == digest); ``` {% endtab %} {% endtabs %} Make sure only to **store validated transactions by type `DEPOSIT` using `hash` as the *****unique - primary key*** which will reject and prevent duplicated deposits in any case where your system receives a repeated webhook notification. {% hint style="info" %} Note that webhook notification max retry is :digit\_five: times; Notification will stop if no **`200 OK`** response from your application is received within the retries.\ \ :bell:You may however manually re-send the notification from the user dashboard under the "Subwallet Deposits" tab. (Image reference below.) {% endhint %} ![Re-send webhook notification to your application manually.](https://1757123647-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Mb1aW0TkqAysc62vCm_%2F-MlM5HFZLbW_gdb1g6uQ%2F-MlM5eTiM5fem1A05uRq%2Fimage.png?alt=media\&token=6b37947c-efcc-4c3e-84db-2c17c6b4ffa4)