Webhook Events

Webhooks allow you to receive real-time notifications for specific events. When a transaction occurs, our system triggers a webhook, sending event data directly to your webhook. This enables instant updates without requiring repeated API calls.

The primary transaction events you should monitor via webhooks include:

For enhanced security, we include a hashed version of your secret key in the header of each event sent to your webhook. Your implementation should validate this signature to ensure the request’s authenticity. Below is an example of how you should implement this verification.

const crypto = require('crypto');
const secretKey = 'YOUR_SECRET_KEY'; // Replace with your giro secret key
const hash = crypto
    .createHmac('sha512', secretKey)
    .update(JSON.stringify(req.body))
    .digest('hex');

if (hash === req.headers['x-giro-signature']) {
    doSomethingAmazing(); // Replace with actual logic
    return res.status(HttpStatus.OK).json(result);
} else {
    return res.status(HttpStatus.BAD_REQUEST)
        .json({ message: 'Webhook security error' });
}