Webhooks
Identity Verification Webhooks
When an Identity Verification job is completed, Vouched can post the job results to a defined webhook URL. This can be set as callbackURL
in the JS Plugin, the Submit Job or Send Invite API endpoint.
This webhook uses the response model from the Submit Job API endpoint.
AML Monitoring Webhooks
For verification jobs with AML and ongoing monitoring enabled, Vouched is able to post the most recent AML results to a defined webhook URL. This webhook will be triggered when the AML details of a monitored job have changed. This webhook uses the response model from the Retrieve AML Result API endpoint.
To enable AML Monitoring Webhooks, please send the desired callback URL to [email protected].
Validating Webhook Responses
All webhook requests contain X-Signature
in request headers. The X-Signature
is base64 encoded, created using HMAC-SHA1
using your private key as the key and using the response as data. To validate the webhook response, perform the same signature procedure and confirm that your generated signature matches the sent signature.
If your account uses the signature key, the
X-Signature
is base64 encoded, created usingHMAC-SHA1
with your signature key instead of the private key.
Updated 4 months ago