The content of notification is encrypted to protect data from fraud attempts. When converting human-readable string to hexadecimal format, we use UTF-8.
- Encryption algorithm: AES
- Block mode: GCM
- Padding: None
- Initialization Vector: In HTTP header (X-Initialization-Vector)
- Authentication Tag: In HTTP header (X-Authentication-Tag)
- Format of body: Base64
- Format of Initialization Vector: Base64
Test Notification ExampleÂ
Secret
O0Bur9uhZkS54NkwFhVyeutED6DhLbOQUBDt3i3W/C4=Â
X-Authentication-Tag
Ytw9bzOS1pXqizAKMGXVQ==Â
Content-type: text/plain
X-Initialization-Vector
Ldo3OyWNgRchSF3C
Body before decryption
WgErmJOV6wg3BuRkrgZLUUnh57BYzhIzvBFdpadHRsc43UcjtZEevRGDIDu3YxocXMXe8O+xQpMRxwTJPv766IaNqUiUEjAIjÂ
ZSMEYCZ0pBursUYB+9nB4eqNUiAS2MJ9sR+Cj2iBf6G6KXLfp9K6dK7c0UED5XrJwbovY8X8pMyxktFTEaflp0e76ZywsCQvtÂ
qEtqNz9uYEyqmAANbsBwbwyWpkCC8H1kZN2fV3CYetW1CTPmWdPp3C18Yfh826NN4XlKu1VmUmea70PyjmRKSsjPXpfrRX8udÂ
elVIK2WTFtnRxD4x588d1nlGY5D5DQmJ8KYZzfvjTmDXGAPiRIEGuXp8h6rBQXS8P/m1llBtboGgQv4MmW3zvq0G6KFlYIcM=Â
Body after decryption
{Â
"returnStatus": {Â
"statusMsg": "Success",Â
"statusCode": "000"Â
},Â
"paymentStatus": "Success",Â
"paymentMethod": "CARD",Â
"transactionID": "WebhookTest",Â
"amount": {Â
"currency": "EUR",Â
"value": 10.0Â
},Â
"merchant": {Â
"terminalId": 1000000Â
},Â
"paymentType": "PURS",Â
"notificationID": "f153c248-e7be-4c12-8d88-6c9f1f3b83e4"Â
}