Webhooks

Authentication

Each webhook request includes a X-Verify header containing an HMAC-SHA256 signature of the payload, encoded in Base64.

Signature Verification

Partners must verify the signature using the shared secret key to confirm authenticity. The signature is generated using the following logic:

private fun generateSignature(payload: String, secret: String): String {
    val algorithm = "HmacSHA256"
    val secretKeySpec = SecretKeySpec(secret.toByteArray(), algorithm)
    val mac = Mac.getInstance(algorithm).apply { init(secretKeySpec) }
    val signatureBytes = mac.doFinal(payload.toByteArray())
    return Base64.getEncoder().encodeToString(signatureBytes)
}

IP Whitelisting (Optional)

Hubble can also share its outbound IP address for partners who prefer to whitelist incoming webhook sources.

---

1. Brand Updated

• Description: Webhook to intimate the client for changes in brand properties.
• Payload

{
  "id": "brand_id",
  "denominationType": "FIXED/FLEXIBLE",
  "status": "ACTIVE/INACTIVE",
  "denominations": [100, 1000, 5000],
  "amountRestrictions": {
    "minOrderAmount": 100,
    "maxOrderAmount": 5000,
    "minVoucherAmount": 100,
    "maxVoucherAmount": 5000,
    "maxVouchersPerOrder": 5,
    "maxVouchersPerDenomination": 1,
    "maxDenominationsPerOrder": 1
  }
}

Note: The fields minAmount and maxAmount in the amountRestrictions object are deprecated. Please use minOrderAmount and maxOrderAmount instead.

2. Wallet Low Balance Notification

• Description: Webhook to alert for low wallet balance. Threshold can be configured.
• Payload:

{
  "balance": 50,
  "threshold": 100
}

3. Order Reached Terminal State

• Description: If an order goes into PROCESSING state during generation, once it reaches a terminal state - SUCCESS / FAILED - hubble gives an intimation via webhook on the configured endpoint.
• Payload:

{
  "id": "order_id",
  "status": "SUCCESS/FAILED/PROCESSING/REVERSED"
}