Setup webhooks

Viva Wallet uses webhooks to notify you when an event happens in your account. Webhooks are particularly useful for asynchronous events such as asynchronous payments, for example, when the funds of the customer are transferred from his bank account into your Viva Wallet account.

You can start receiving webhook notifications following the below steps:

Whitelist the Viva Wallet addresses

To receive successfully webhook notifications, you should whitelist the below IP addresses in your server and in your network firewall too. The webhooks IP source will be one of the below IP addresses:

ProductionDemo
51.138.37.23820.50.240.57
20.54.89.1640.74.20.78
13.80.70.18194.70.170.65
13.80.71.22394.70.174.36
13.79.28.7094.70.255.73
94.70.248.18
83.235.24.226

Identify the event(s) you want to monitor

You can define webhooks for the following events:

Generate a webhook verification key

Before you can receive a webhook notification to your website you need to create a unique verification code for Viva Wallet to identify you as a merchant. To do this, call the following API action with standard API authentication headers setting the response to application/json.

get    /api/messages/config/token

This call will give you a key (example below) which you can print to the page as is. You can always disable a webhook (without deleting it), to temporarily stop receiving notifications.

Request example

The example below uses basic auth for authentication.

curl -L -X GET 'https://demo.vivapayments.com/api/messages/config/token' \
-H 'Authorization: Basic ZDdjZDhmMGQtYjRiNy00MmE3LWI0M2QtM2Y4MzRmMDQ3OWU2OjtecmkxQA==' \

<?php

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => 'https://demo.vivapayments.com/api/messages/config/token',
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'GET',
  CURLOPT_HTTPHEADER => array(
    'Authorization: Basic e1lvdXIgTWVyY2hhbnQgSUR9OntZb3VyIEFQSSBLZXl9'
  ),
));

$response = curl_exec($curl);

curl_close($curl);
echo $response;

Run in Postman

Response example

{
  "Key":"B3248222FDCD1885AEAFE51CCC1B5607F00903F6"
}

In order to use a new webhook URL, Viva Wallet needs to verify that the given URL is available for immediate use.

Each time you enter a new webhook URL via the banking app, you need to verify it (by clicking on the “verify” link next to URL input textbox). This action will start the process of a simple GET http call to your URL. We send this request using TLS 1.2 so your server configuration needs to match that. Your page should print a JSON response such as the one shown above.

Create a webhook endpoint

Set up an HTTP endpoint on your server and make be sure that you can accept webhook requests with a POST method.

For test purposes, you can generate your webhook URL using Pipedream web application.

Handle requests from Viva Wallet

You should configure your endpoint to read all the provided by Viva Wallet objects-parameters for every event type of webhook notifications you want to receive.

Every webhook notification includes the following properties:

TransactionEventData has the following properties:

Note, that Viva Wallet sends all the events to your webhook endpoint as part of a POST request with a JSON payload with a basic authentication.

The below Node JS may be useful as an example of the code you can use.

  if (steps.webhookEndpoint.event.method === 'POST') {
    console.dir(steps.webhookEndpoint.event.body);
    $respond({
      status: 200,
      body: { message: 'ok' }
    })
    return;
  }

  const axios = require("axios");

  var merchantId = '[your demo Viva Wallet Merchant ID]';
  var apiKey = '[your demo Viva Wallet API key]';

  var credentials = Buffer.from(merchantId + ':' + apiKey).toString('base64');

  const resp = await axios({
    method: "GET",
    url: `https://demo.vivapayments.com/api/messages/config/token/`,
    headers: {
      "Authorization": "Basic " + credentials,
    }
  });

  var code = resp.data.Key;

  $respond({
    status: 200,
    headers: { "test-header": "value" },
    body: { key: code }
  })
  console.log('Webhook has been validated')

Deploy your webhook

Deploy your webhook and make it public; not private. You can confirm it, visiting your URL using a browser and getting the key string number, as String parameter type in base64 format.

In the below example, the webhook URL generated using Pipedream web application.

Verify Webhook

If you don’t get any key value then the authentication is not executed successfully, and your account credentials are not validated.

Set up and verify your webhook in Self Care

To set up your webhook endpoint within the Viva Wallet banking app:

Obligation Created webhook

Further information

Check out the related tutorial below for more details on this topic: