Webhook updates (Partner flow)

webhook endpoint to receive confirmations for initiating crypto withdrawals

When integrating with Onramp in a partner flow, partners can set up a webhook endpoint to receive confirmations for initiating crypto withdrawals on behalf of users.

Note:

• Webhook Endpoint: Partners must provide a webhook endpoint to receive confirmations.

• Whitelisting: To use this webhook endpoint, the partner's AppID must be whitelisted by the Onramp team. Please contact the Onramp team to get your AppID whitelisted and gain access to this functionality

• Webhook Response Time: A response to the webhook call is expected within 5 seconds. If no response is received within this time, it's considered a failure, and the webhook will be retried up to 10 times.

• HTTPS Requirement: Ensure your webhook endpoint uses HTTPS with a valid SSL certificate. Without this, you might miss webhook updates.

Authentication code webhook

Nodejs

var CryptoJS = require('crypto-js');
var express = require('express');
var router = express.router();

function verifyWebhook(req, res, next) {
  let payload = req.headers['x-onramp-payload'];
  let signature = req.headers['x-onramp-signature'];
  const localSignature = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA512(payload, 'YOUR_API_SECRET'));
  if(localSignature == signature){
    // signature verified
    return next();
  }
  return res.status(403).send("Invalid signature passed");
}

router.post('/webhookEndpoint', verifyWebhook, (req, res) => {
  // whatever you need to do with the data
  res.status(200).send("Received data :)");
})

Response

// headers received in webhook
{
   "x-onramp-payload": "SOME_VALUE",
   "x-onramp-signature": "SOME_SIGNATURE"
}

// response body 
{
  "token": "token_value",
  "quantity": "quantity_value",
  "merchantRecognitionId": "merchant_id_value"
}