Webhooks
Introduction
A webhook is an HTTP request used to provide various events. Knot provides webhooks for updates related to a user’s lifecycle in the Knot user experience as well as various asynchronous processes.
To receive webhooks from Knot, set up dedicated endpoints on your server as webhook listeners that can receive POST requests from Knot’s development
and production
environments respectively.
Configuring Webhooks
Once you have added endpoints on your server, add these endpoint URLs in your Customer Dashboard here.
The URLs of your dedicated endpoints must be in the standard format of http(s)://(www.)domain.com/
and must have a valid SSL certificate if https.
Knot sends POST payloads with raw JSON to your webhook URL from the following IP address: 35.232.249.218
. This IP address is subject to change and you will be notified in advance of any changes.
Webhook Verification
Knot signs all outgoing webhooks so that you can verify the authenticity of any incoming webhooks to your application. This verification process is optional and is not required for your application to handle webhooks from Knot.
Extract the knot-signature header
Extract the Hash-based Message Authentication Code (HMAC) signature included in the Knot-Signature
header of the webhook. You will later compare this against your computed signature.
Prepare the hash map
Collect the following headers and body fields into a hash map:
Not all webhooks will have a session_id
in the body fields (such as the MERCHANT_STATUS_UPDATE
webhook). In those scenarios, do not include the session_id
in the hash map.
Build the signature
Build the following string from the hash map, concatenating key-value pairs with |
Using your Knot secret
, compute an HMAC signature using SHA256 and base64 encode the result.
Compare the signatures
Compare the signature extracted from the Knot-Signature
header in the webhook to the signature you computed in the above step and ensure they’re the same.
Retries
If there is a non-200 response or no response within 10 seconds from your webhook listener endpoint, Knot will retry sending the webhook up to two times with a few minutes in between each request.
Was this page helpful?