Please correct me I am doing something wrong while creating webhooks
Firstly, I created the webhooks via Api by using
$subscription = $webhookApi->create(array (
‘url’ => ‘https://abc.com/webhooks’,
‘secret’ => ‘ssh hhhhh’,
My requirement is, that the webhook will only work for payment transactions, so please help me if I need to any additional parameters on the above request (Point 1).
Also please help me, I need to do some additional steps to receive an only payment related webhook.
Can you please share the transfer payment data, which I will receive through webhooks so that I will create my function in that way and how can I verify the secret key when receiving any webhook
Hi @Mohammad_Javed_khan – when setting up a Webhook subscription, the URL you provide (like the one you provided above - https://abc.com/webhooks) should be a URL to your server where you want Dwolla to send HTTP webhook requests.
When you subscribe to webhooks, you will get webhooks for all events that occur in your platform, and not just transfer-related ones. Here’s a list of all possible events that we might send webhooks for. You may choose to only process logic for selected webhooks, but you will need to respond to all webhook requests with an HTTP status code of level 2xx.
I found this article on Medium which explains webhooks, and how you can test webhooks locally for when you want to test this in Sandbox. I would recommend checking it out as a starting point. You can then test Dwolla’s webhooks in Sandbox by setting up a subscription, and continue testing by creating customer, funding-sources and transfers.
Hope that helps!
Hello @shreya, thank you for your response
As per my understanding, after creating the subscription webhook if any event occurs in the Dwolla sandbox then Dwolla automatically will send a request to the application URL (provided while creating the webhook). Please confirm
Also, I still need your help on how can we verify the secret key which I passed when creating the subscription along with the application URL.
Also in the Dwolla sandbox environment, I am not getting an option to test webhook by requesting. Please help me under which option I will get that.
Please look at priority
@shreya Webhook is working at my side, but I am not able to get the request data format.
Can you please help me…
We explain the webhook request details in this developer doc. Check it out here.
Validation of a webhook using the secret you provided is explained in this documentation.
If you come across any questions, please let us know!
Hi @shreya How to verify secret key I have read your documentation but unable to understand
Hi @Mohammad_Javed_khan – once you receive a webhook request, your will need to generate an SHA256 HMAC hash of the request body with the key being your webhook secret. Then, you will compare it to the value of the
X-Request-Signature-Sha-256 header that is found in the webhook request. If they’re the same, then you can be assured that the request came from Dwolla and not an impersonator.
I’m trying to validate webhooks in PHP following this guide
I am requesting data from webhook when we transferred amount and getting payload data as we requested, In this when I am requesting - $request->header(‘X-Request-Signature-SHA-256’); getting null. Why ? is this another way to get the header
@shreya is there any update ?
Hi @Mohammad_Javed_khan – I don’t have a specific code example for it, but I’d start by listing the full request details, and then drilling down into headers. Also, could you try replacing
X-Request-Signature-SHA-256 and seeing if that makes a difference? I believe the Docs might have a typo in the header name which I’ve logged a ticket for a fix!
Hi @shreya Could you please elaborate how do I get the webhook response, that we received from dwolla on the url (added while created the Webhook-subscription) As I see the documentation does not have anything related to this Validating Webhooks | Dwolla API Documentation.
Although I have successfully created Webhook-subscription and able to see my webhooks on dashboard and able to get hit on my url on any webhook event.
Can you please help me on this. Thanks!
Hi @Pardeep_Kumar – referencing this sample application might be helpful to understand how you can get the webhook response, validate it and send it off to a queue for processing.
The app deploys a webhook handler as an AWS Lambda function using the Serverless Framework, but if that’s not what you’re using, you can still reference the webhook handler file for the code that is relevant with handling webhooks - webhook-receiver/webhook.ts at main · Dwolla/webhook-receiver · GitHub
@shreya Thanks for you reply. I am implementing dwolla in C#, can you please provide sample application to get the webhook response as webhook payload (Json data contains webhook event data detail).
Just closing the loop on this thread. This was answered in a separate post - Webhook response - #4 by james