Configuring webhooks
When a verification job has completed, Vouched has the ability to post the job results to a webhook URL.
A webhook can be configured by adding a callbackURL :
- As a parameter to the JS Plugin
- As a parameter in the Send Invite API
- As a parameter in the Submit Job API
Validating webhook responses
All webhook requests contain X-Signature in request headers. The X-Signature is base64 encoded, created using HMAC-SHA1 using your private key as the key and using the response as data.
To validate the webhook response, perform the same signature procedure and confirm that your generated signature matches the sent signature.
Here is an example of validation from our Node.js sample repo.
AML monitoring webhooks
For verification jobs with AML and ongoing monitoring enabled, Vouched is able to post the most recent AML results to a defined webhook URL. This webhook will be triggered when the AML details of a monitored job have changed. This webhook uses the response model from the Retrieve AML Result API endpoint.
To enable AML Monitoring Webhooks, please send the desired callback URL to support@vouched.id.
Whitelisting
Please ensure the following IPs are whitelisted in order to receive webhook responses:
34.83.180.255
35.197.15.224
Comments
0 comments
Please sign in to leave a comment.