Enable HMAC webhook digest

put deprecated

https://api.tatum.io/v4/subscription

This endpoint is compatible with our deprecated v3 Notifications product. To use it with v3, simply replace 'v4' with 'v3' in the request URL.

/v4/subscription

Enable HMAC hash ID on the fired webhooks from Tatum API. In order to make sure that a webhook is sent by us, we have the possibility to sign it with the HMAC Sha512 Hex algorithm.
To verify that a webhook is sent by us

Get a webhook x-payload-hash header value and payload as it is as a JSON file.
Convert the HTTP webhook body to stringify JSON without any spaces. In JavaScript, you would do it like this
```
JSON.stringify(req.body)
```
Perform calculations on your side to create a digest using Secret Key, webhook payload in bytes and HMAC SHA512 algorithm. JavaScript example:
```
require('crypto').createHmac('sha512', hmacSecret).update(JSON.stringify(req.body)).digest('base64')
```
.
Compare x-payload-hash header value with calculated digest as a Base64 string.

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Responses

204

Language

Credentials

Header

Loading…

Response

Click Try It! to start a request and see the response here! Or choose an example:

application/json

401Unauthorized. Not valid or inactive subscription key present in the HTTP Header.

500Internal server error. There was an error on the server during the processing of the request.