Skip to main content
Webhooks are a great way for Glyde to keep your application informed of changes in your account and transaction status updates. When a transaction is initiated, it progresses through various stages, from pending to either successful or failed. At each stage, we will send a notification to the webhook URL registered in your merchant account.

Webhook Setup

Log into your account and go to Settings > API Keys & Webhook. From there, update your webhook URL.

Webhook URL

The webhook URL is a publicly accessible endpoint on your application/website that can receive a post request from Glyde. We will send updates about transactions to the endpoint.

Signing Key

The webhook will be signed using the secret key, a secure, randomly generated string. This ensures that the request originates from Glyde. The signing key will be included in the webhook request header X-Signature-Hash when sending data to your webhook URL.

Signature Validation

To validate the signature, you can use the following PHP code: 
const crypto = require('crypto');
const http = require('http');

const PORT = process.env.PORT || 3000; // Use environment variable for port or default to 3000
const GLYDE_SIGNING_KEY = 'YOUR_SIGNING_KEY'; // Replace with your actual signing key

const server = http.createServer((req, res) => {
  if (req.method !== 'POST' || !req.headers['http-x-signature-hash']) {
    res.statusCode = 400;
    res.end('Invalid request method or missing signature header.');
    return;
  }

  let inputData = '';
  req.on('data', (chunk) => {
    inputData += chunk.toString();
  });

  req.on('end', () => {
    const signature = req.headers['http-x-signature-hash'];
    const calculatedHash = crypto.createHmac('sha256', GLYDE_SIGNING_KEY)
      .update(inputData)
      .digest('hex');

    if (signature !== calculatedHash) {
      res.statusCode = 401;
      res.end('Invalid signature.');
      return;
    }

    res.statusCode = 200;
    res.end();

    // Parse JSON data (assuming it's in the request body)
    try {
      const event = JSON.parse(inputData);
      // Process the data in the 'event' object here
      console.log('Received event:', event);
    } catch (error) {
      console.error('Error parsing JSON:', error.message);
      // Handle JSON parsing error appropriately (e.g., send error response)
    }
  });
});

server.listen(PORT, () => {
  console.log(`Server listening on port ${PORT}`);
});

Event Types

{
  "event": "transfer.success",
  "data": {
    "reference": "fa59e3c4-14b6-370e-ab0c-a8eaa7af2056",
    "merchant_reference": "fa6ba254-ba5c-4db2-9015-8caf3107cd56",
    "type": "debit",
    "amount": 200,
    "status": "successful",
    "fee": 20,
    "created_at": "2025-03-01T21:20:54.000000Z"
  }
}