Conscent.ai Developer Documentation
  • Version 2.0
    • Using Conscent.ai
    • Web SDK
    • Login
    • Logout
    • User Details Drawer
    • Google One Tap
    • Mobile SDK
      • iOS(Swift)
        • In-App Purchases with Conscent
      • Android SDK
      • React Native SDK
      • Google In-App Purchases with Conscent
      • Apple In-App Purchases with Conscent
    • Facebook SSO Integration Guide
    • Landing Page API v 2.0
    • AMP Integration
    • Integrating APIs(v2)
      • Purchase Details
      • User Registered Or Not
      • User Registrations
      • Subscription Plans Details
      • Get User Details
      • Add Subscription If User Registered
      • Update UserDetails
      • Update SubscriptionDetails
      • Get All Transaction Details
    • IAM System API Documentation
  • Version 1.0
    • Getting Started
    • On Board
    • Using Conscent.ai
    • Authentication
    • Web SDK
    • Login
    • Logout
    • Amp Documentation
    • Mobile SDK
      • Android
      • Flutter
      • iOS(Swift)
      • React Native SDK
    • Auto Login
    • Creating External Purchases
    • Landing Page API
  • Login Screen Customization
  • Integrating Client Payment Gateway
  • Integrating with APIs
    • User Details and Subscriptions Information
    • Purchased Subscriptions
    • User and Purchase Details
    • Client Purchases
    • Client Micropayments
    • Client Passes
    • Cancel Active Subscriptions
    • Delete User
  • Events API Docs
    • Different Types of Events
    • SSO Login Flow
  • Discount Coupon
    • Dynamic Coupon API Generation:
  • New Webhooks
    • Meter Banner Webhook
    • Paywall Webhook
    • SignUp Webhook
    • Refund Webhook
    • Purchase Webhook
    • Subscription Landing Page Webhook
    • Popup Webhook
    • User Update Webhook
    • Payment Gateway Webhook
    • Review Page Webhook
    • Transaction Webhook
    • Login Webhook
    • Cancel Subscription Webhook
  • Old Webhooks
    • Sign Up Webhook
    • Login Webhook
    • Subscription Payment Webhook
    • Subscription Cancelled Webhook
    • Pass Payment Webhook
    • Subscription Bundle Payment Webhook
    • Review Subscription Webhook
    • Micro Payment Webhook
    • How to validate Webhooks?
  • Registering The Content
    • Create Content
    • Edit Content
    • View Content
  • Country Code List
  • Supported Currencies and Payment Gateways
    • Stripe Supported Country with Currency
    • Razorpay Supported Country with Currency
    • Paypal Supported Country with Currency
  • Errors
  • Loyalty System
    • Web SDK
    • iOS SDK
    • Android SDK
    • Flutter SDK
    • API from server
Powered by GitBook
On this page
  1. Old Webhooks

How to validate Webhooks?

When your webhook secret is set, Conscent uses it to create a hash signature with each payload. This hash signature is passed with each request under the X-Conscent-Signature header that you need to validate at your end.

var crypto = require('crypto');

var hmac = crypto.createHmac('sha256', '<WEBHOOK_SECRET>');

//passing the data to be hashed
rawBody = '<RAW_BODY_OF_REQUEST>';
signature = hmac.update(req.body).digest('hex');

//Printing the output on the console
console.log('hmac : ' + signature);

// NOTE: try matching `signature` with request header `x-conscent-signature`
Do Not Parse or Cast the Webhook Request Body

While generating the signature at your end, ensure that the webhook body passed as an argument is the raw webhook request body. Do not parse or cast the webhook request body.

PreviousMicro Payment WebhookNextRegistering The Content

Last updated 1 year ago