The documentation here https://developer.authorize.net/api/reference/features/webhooks.html#Verifying_the_Notification talks about the verification process for WebHook response. Is there and example available on how to implement this in Java?
Solved! Go to Solution.
07-24-2018 02:11 PM
Hi @ashish1871
You can have a look at this repo https://github.com/dns12345/AuthNet.WebHooks
We are also in progress of building a sample app for Webhooks which will be published soon .
Thanks
07-24-2018 04:11 PM
Hi @ashish1871
You can have a look at this repo https://github.com/dns12345/AuthNet.WebHooks
We are also in progress of building a sample app for Webhooks which will be published soon .
Thanks
07-24-2018 04:11 PM
This link no longer works.
08-23-2018 03:05 PM
Try this link
https://github.com/dns12345/AuthNet.WebHooks/tree/master/AuthNet.WebHooks
Also checkout our new Webhook Sample App at https://github.com/AuthorizeNet/webhooks-sample-app
Thanks
08-23-2018 03:07 PM
I had the exact same problem:
How to verify X-Anet-Signature?
So I have to use raw json encoded string as received on my endpoint. Without any modification, concatenation of name-value pairs with specials characters etc.
It is very simple! Why not mentioned in the official documentation?
It only says:
"The client application can generate the same HMAC-SHA512 hash using the webhook notification's body and the merchant's Signature Key."
And poor developer does not understand what "body" means... :-)
05-30-2019 07:12 AM
I have followed the documentation for verifying the notification as well as Ruby code for it: https://github.com/AuthorizeNet/sample-code-ruby/blob/master/Sha512/compute-transhash-sha512.rb
12-16-2020 07:04 AM
Hi,
I write down a nodejs code and it doesn't work all the time. Sometimes it matches and sometimes it doesn't match. What could be the reason?
05-25-2023 01:59 PM
You guys really need to update your API documentation, something so ridiculously simple once again made difficult due to lack of documentation.
12-19-2023 01:22 AM - edited 12-19-2023 01:34 AM
its not "x-anet-signature" its case sensitive so it should be
X-ANET-Signature
12-19-2023 01:35 AM
If you're using Java, get HmacUtils from commons-codec. Then you just pass your sig key like so and can compare with hmacHex on the body. It will return the hash as a string then you just compare them.
HmacUtils h = new HmacUtils(HMAC_SHA_512, "<SIG_KEY>");
h.hmacHex("<REQUEST_BODY>");
01-10-2024 08:38 AM