Setup webhooks
Learn how to setup, process and test Hands In webhooks.
To set up a webhook subscription for payment notification events, you'll typically need to follow these steps: creating an endpoint on your server to receive webhook events, registering this endpoint with your payment provider, and verifying incoming requests for security. Below is a guide to help you set up a webhook subscription, along with code examples.
Step 1: Create a Webhook Endpoint
The webhook endpoint is a URL on your server where the payment provider will send HTTP POST requests whenever a payment event occurs. This endpoint should be capable of receiving and processing JSON payloads.
Hereโs a basic example of how to set up a webhook endpoint using Node.js and Express:
// app.js
const express = require('express');
const bodyParser = require('body-parser');
const app = express();
// Use body-parser middleware to handle JSON requests
app.use(bodyParser.json());
// Create a webhook endpoint to handle payment notifications
app.post('/webhook', (req, res) => {
const event = req.body;
// Log the event for debugging
console.log('Received event:', event);
// Process the event according to its type
switch (event.type) {
case 'CAPTURED':
console.log('Payment was successful!');
// Handle successful payment
break;
case 'FAILED':
console.log('Payment failed.');
// Handle failed payment
break;
case 'CREATED':
console.log('Refund was created.');
// Handle refund event
break;
// Add more cases as needed for other event types
default:
console.log('Unhandled event type:', event.type);
}
// Respond to acknowledge receipt of the event
res.status(200).send('Webhook received');
});
// Start the server on port 3000
app.listen(3000, () => {
console.log('Webhook server is listening on port 3000');
});
Step 2: Register the Webhook Endpoint in the dashboard
Once the endpoint is created, you need to register it with your payment provider so that they know where to send events. This process varies depending on the payment provider (e.g., Stripe, PayPal, Square). Below is an example using Stripe's API:
Step 3: Secure the Webhook Endpoint
Security is crucial when handling webhooks, as you want to ensure that the events are genuinely coming from your payment provider. This is typically done by verifying a signature included in the request headers.
For example, with Stripe, you can verify the signature using the following code snippet:
// app.js continued
const stripe = require('stripe')('your_stripe_secret_key');
const endpointSecret = 'your_webhook_secret';
// Secure webhook endpoint with signature verification
app.post('/webhook', (req, res) => {
const sig = req.headers['stripe-signature'];
let event;
try {
// Verify the signature and parse the event
event = stripe.webhooks.constructEvent(req.rawBody, sig, endpointSecret);
} catch (err) {
console.error('Webhook signature verification failed:', err.message);
return res.status(400).send('Webhook Error: ' + err.message);
}
// Handle the event
switch (event.type) {
case 'payment_intent.succeeded':
console.log('Payment was successful!');
// Handle successful payment
break;
case 'payment_intent.failed':
console.log('Payment failed.');
// Handle failed payment
break;
// Handle other event types...
default:
console.log('Unhandled event type:', event.type);
}
// Acknowledge receipt of the event
res.status(200).send('Webhook received');
});
Step 4: Test Your Webhook
Use the payment provider's testing tools or CLI commands to simulate events and ensure your endpoint handles them correctly.
Check your server logs to verify that the events are received and processed as expected.
Updated 4 months ago