# Webhooks

{% hint style="info" %}
Please complete [this form](https://forms.gle/cJ6aehR4Y7j3uKwY9) to obtain your API Keys.\
Please submit your desired webhook URL on the API request form above.
{% endhint %}

<table><thead><tr><th width="175">Status</th><th>Description</th></tr></thead><tbody><tr><td>new</td><td>when <code>/onramp/transaction</code> is called via a POST request.</td></tr><tr><td>processing</td><td>the fiat gateway provider is processing the transaction.</td></tr><tr><td>success</td><td>user has successfully received asset.</td></tr><tr><td>failed</td><td>fiat-gateway has encountered an error processing the transaction. The user will not be charged.</td></tr><tr><td>invalid</td><td>unable to continue with DeFi route.</td></tr></tbody></table>

### Signature

To verify the authenticity of the webhook payload, you can hash (sha256 hex) the payload's body using the webhook's secret key. Once you've generated this hash, compare it with the value provided in the `x-signature` header. If the two values match, it confirms that the payload is genuine and hasn't been tampered with.

For verification, consider using this sha256 hash generator as a reference: <https://www.freeformatter.com/hmac-generator.html>

<details>

<summary>Example payload</summary>

**Headers**

```
'x-signature': 'xxxx'
```

**Body**

```
{
  "id": "0261ca05-731e-4cc6-9cbd-69bcd828b721",
  "type": "onramp_cefi_transaction",
  "data": {
    "transactionId": "ed8d321f-e507-4ff9-b12f-59ff6de71f0c",
    "status": "processing",
    "gateway": "transak",
    "fiat": "sgd",
    "fiatAmount": "2000000",
    "fiatDecimal": 2,
    "payment": "paynow",
    "chain": "eth",
    "cryptoAmount": "103956047383166400",
    "cryptoDecimal": 18,
    "wallet": "0x000000000000000000000000000000000000dead",
    "partnerContext": {
      "yourContext": "xxx"
    }
  },
  "timestamp": 1691413686
}
```

</details>