Webhooks are extensions of APIs. The data comes in a web request to your application. Webhooks may be the result of an earlier API call, this type of webhook is also called a “callback”, such as an ‘asynchronous’ request to the Number Insight API. Even webhooks are used to notify your application of events such as an incoming call or message.
As the server needs to send data to your application via webhooks, you need to set up the webserver to receive the incoming HTTP requests. You also need to specify the URL of each webhook on your web server so that data can be sent to each URL.
Securing Webhooks:
Since webhook delivers data to publicly available URLs in your app or router, there is the chance that someone else could find that URL and then provides you with false data. To prevent it from happening you can employ a number of techniques. The easy thing to do (and what you should implement before going any further) is to force TLS connections “HTTPS”. Once you have implemented that you may go forward and further secure your connection:
- The first and most common way to secure a webhook is to add tokens to the URLs that act as unique identification.
- The next option is to implement Basic Auth, this is widely supported, and very easy to do.
- The first two points work great to prevent most attacks, therefore they have the disadvantage of sending the auth token with the request. The third option is to have the provider sign each request it makes to you and then verify a signature. This has the disadvantage of requiring the provider to have implemented request signing meaning if they do not already, you are probably out of luck.
Paypal webhook events eg: “PAYMENT.SALE.COMPLETED”
Response data could be like this:
{
'id': 'WH-06485091105459459-0W6R85331JD518460C',
'create_time': '2021-12-31T07:37:44.311A',
'resource_type': 'sale',
'event type': 'PAYMENT.SALE.COMPLETED',
'summary': 'Payment completed for $ 180.0 USD',
'resource': {
'billing_agreement_id': 'I-605HV1LDP8UM',
'amount': {
'total': '180.00',
'currency': 'USD',
'details': {
'subtotal': '180.00'}
},
'payment_mode': 'INSTANT_TRANSFER',
'update_time': '2021-12-31T07:37:26Z',
'create_time': '2021-12-31T07:37:26Z',
'protection_eligibility_type': 'ITEM_NOT_RECEIVED_ELIGIBLE,UNAUTHORIZED_PAYMENT_ELIGIBLE',
'transaction_fee': {
'currency': 'USD',
'value': '6.77'},
'protection_eligibility': 'ELIGIBLE',
'links': [{
'method': 'GET',
'rel': 'self',
'href': 'https://api.sandbox.paypal.com/v1/payments/sale/76W3987305068623Y'
},
{'method': 'POST',
'rel': 'refund', 'href': 'https://api.sandbox.paypal.com/v1/payments/sale/76W3987305068623Y/refund'
}],
'id': '76W3987305068623Y',
'state': 'completed', 'invoice_number': ''},
'links': [
{'href': 'https://api.sandbox.paypal.com/v1/notifications/webhooks-events/WH-06485091105459459-0WR85331JD518460C',
'rel': 'self',
'method': 'GET',
'encType': 'application/json'},
{'href': 'https://api.sandbox.paypal.com/v1/notifications/webhooks-events/WH-06485091105459459-0WR85331JD518460C/resend', 'rel': 'resend',
'method': 'POST',
'encType': 'application/json'}],
'event_version': '1.0'
}
People having good knowledge of Financial accounting can get an Accounting Certification Exams from StudySection to increase their chances of getting a job in this field. You can get a foundation level certification if you are new to Financial accounting or you can go for advanced level certification if you have expert level skills in Financial accounting.