Callback events

Signature

All the callbacks can be signed using the HMAC-SHA256 algorithm, and the contents of the signature included in a "signature" header. The header returned is the signed body of the request sent with a hex string format.

Before you start receiving signed notifications Localpayment must configure the URL where you will receive the notifications and share the HMAC key

Because our algorithm can present some customizations, an example is left. Upon receiving signed notifications you can verify their authenticity with this algorithm:

using System;
using System.Globalization;
using System.Security.Cryptography;
using System.Text;

public class DigitalHMACSignature {
  public static string ComputeHash(string key, string message) {
    //Changes the hexadecimal string to a byte array by parsing the string byte-by-byte.
    byte[] keyBytes = new byte[key.Length / 2];
    for (int i = 0; i < keyBytes.Length; i++) {
      keyBytes[i] = byte.Parse(key.Substring(i * 2, 2), NumberStyles.HexNumber);
    }

    //Encodes a message into a sequence of bytes.
    byte[] encodedMessage = new ASCIIEncoding().GetBytes(message);

    //Computes a Hash-based Message Authentication Code (HMAC) by using the SHA256 hash function.
    byte[] hash = new HMACSHA256(keyBytes).ComputeHash(encodedMessage);

    //Converts the numeric value of each element of a specified array of bytes to its equivalent hexadecimal string representation
    var computedString = BitConverter.ToString(hash).Replace("-", "").ToLower();

    return computedString;
  }
}

Payout

Following request-body is send as POST request on the URL used to register the callback when a transaction gets updated to one of the following status:

Rejected
Executed
Returned
Recalled
Canceled

Below is a sample of the callback body:

[
  {
    "payout_id": 0,
    "customer_name": "string",
    "transaction_type": "string",
    "status": "string",
    "lot_date": "20200207",
    "gross_amount": 0,
    "net_amount": 0,
    "transaction_list": [
      {
        "transaction_id": 0,
        "type_of_id": "string",
        "beneficiary_cuit": "stringstrin",
        "beneficiary_name": "string",
        "bank_account_type": "s",
        "bank_account": "string",
        "bank_cbu": "stringstringstringstri",
        "amount": 0,
        "transaction_date": "20200207",
        "merchant_id": "string",
        "concept_code": "string",
        "currency": "string",
        "status": "string",
        "status_detail": "string",
        "withholding_tax_afip": 0,
        "withholding_tax_agip": 0,
        "withholding_tax_arba": 0,
        "exchange_rate": 0,
        "submerchant_code": "string",
        "sender_name": "string",
        "sender_address": "string",
        "sender_state": "string",
        "sender_country": "string",
        "sender_taxid": "string",
        "sender_birthdate": "20200207",
        "sender_email": "string",
        "beneficiary_phone_number": "string",
        "sender_phone_number": "string"
      }
    ]
  }
]

When a change of status is made, you will receive a callback consisting of the body and the signature which confirms that we sent you the notification, this signature consists of letters and numbers. Example: xxbd49595e6e4698751940c29443el938aa7041ao1904f10714eeb145e3fd1a9

PreviousWire In NextRetentions

Last updated 1 year ago

Was this helpful?

Signature

Before you start receiving signed notifications Localpayment must configure the URL where you will receive the notifications and share the HMAC key

Because our algorithm can present some customizations, an example is left. Upon receiving signed notifications you can verify their authenticity with this algorithm:

using System;
using System.Globalization;
using System.Security.Cryptography;
using System.Text;

public class DigitalHMACSignature {
  public static string ComputeHash(string key, string message) {
    //Changes the hexadecimal string to a byte array by parsing the string byte-by-byte.
    byte[] keyBytes = new byte[key.Length / 2];
    for (int i = 0; i < keyBytes.Length; i++) {
      keyBytes[i] = byte.Parse(key.Substring(i * 2, 2), NumberStyles.HexNumber);
    }

    //Encodes a message into a sequence of bytes.
    byte[] encodedMessage = new ASCIIEncoding().GetBytes(message);

    //Computes a Hash-based Message Authentication Code (HMAC) by using the SHA256 hash function.
    byte[] hash = new HMACSHA256(keyBytes).ComputeHash(encodedMessage);

    //Converts the numeric value of each element of a specified array of bytes to its equivalent hexadecimal string representation
    var computedString = BitConverter.ToString(hash).Replace("-", "").ToLower();

    return computedString;
  }
}

Below is a sample of the callback body:

[
  {
    "payout_id": 0,
    "customer_name": "string",
    "transaction_type": "string",
    "status": "string",
    "lot_date": "20200207",
    "gross_amount": 0,
    "net_amount": 0,
    "transaction_list": [
      {
        "transaction_id": 0,
        "type_of_id": "string",
        "beneficiary_cuit": "stringstrin",
        "beneficiary_name": "string",
        "bank_account_type": "s",
        "bank_account": "string",
        "bank_cbu": "stringstringstringstri",
        "amount": 0,
        "transaction_date": "20200207",
        "merchant_id": "string",
        "concept_code": "string",
        "currency": "string",
        "status": "string",
        "status_detail": "string",
        "withholding_tax_afip": 0,
        "withholding_tax_agip": 0,
        "withholding_tax_arba": 0,
        "exchange_rate": 0,
        "submerchant_code": "string",
        "sender_name": "string",
        "sender_address": "string",
        "sender_state": "string",
        "sender_country": "string",
        "sender_taxid": "string",
        "sender_birthdate": "20200207",
        "sender_email": "string",
        "beneficiary_phone_number": "string",
        "sender_phone_number": "string"
      }
    ]
  }
]