Webhooks

To register Webhook URL, use Shop callback URL.

Callback URL should respond with status 200 for GET request

Rocketfuel Webhook and Events

RocketFuel webhook calls are triggered to update the merchant on the updated status of the transaction.

Rocketfuel webhooks support the following events:-

Transaction is marked as pending/initiated
Transaction is marked as partial paid
Transaction is marked as successful
Transaction is marked as failed

Securing Callbacks

Order callbacks originating from RocketFuel will be signed using our callback signing RSA private key.

If you would like to verify callbacks manually in the language of your choice, the message digest used is SHA256, the message that is signed is the POST body, the padding scheme is PKCS1_v1_5, and the signature to be verified is present in the ‘signature’ HTTP data encoded as base64.

Examples

public function verifyCallback($body, $signature)
{
    $signature_buffer = base64_decode( $signature );
    return (1 == openssl_verify($body, $signature_buffer, self::getCallbackPublicKey(), OPENSSL_ALGO_SHA256));
}

function verifySignature(body, public_key_rsa, signature) {
  const verifier = crypto.createVerify('RSA-SHA256');
  verifier.update(body);
  return verifier.verify(public_key_rsa, signature, 'base64');
}

using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;
using System.Linq;

public class EncryptionUtility
{
    public static bool VerifySignature(string body, string signature)
    {
        try
        {
            // Decode the base64 signature
            byte[] signatureBuffer = Convert.FromBase64String(signature);
            byte[] bodyBuffer = Encoding.UTF8.GetBytes(body);

            using (RSA rsa = RSA.Create())
            {
                // Import the public key
                rsa.ImportFromPem("public_key_rsa");

                // Verify the signature using SHA256
                return rsa.VerifyData(
                    bodyBuffer,
                    signatureBuffer,
                    HashAlgorithmName.SHA256,
                    RSASignaturePadding.Pkcs1
                );
            }
        }
        catch (Exception ex)
        {
            // Handle or log the exception as needed
            Console.WriteLine($"Verification error: {ex.Message}");
            return false;
        }
    }
}

Test data

RKFL provides support to custom parameters (optional) in the response based on the type of response Method passed in the invoicing API. Following is an example for GET & POST Custom parameter payload

1. GET Query Parameters in webhook URL :- <callback URL>?custom1=crypto&custom2=RKFL&custom3=credit

Body Payload

{
  type: 'rf:alert',
  data: {
    data: '{"amount":"11","conversionRate":{"fiatCurrency":"USD","rate":1},"cryptoAmount":"11","cryptoCurrency":"USD","currency":"USD","offerId":"3910","paymentStatus":"0","receivedAmount":"0","referenceId":"d30290d4-7c91-44ef-930a-9baa81733702","status":true,"transactionId":"874eba00-674c-4a39-afd2-3e3a5f8d521f"}',
    conversionRate: { fiatCurrency: 'USD', rate: 1 },
    amount: '11',
    currency: 'USD',
    referenceId: 'd30290d4-7c91-44ef-930a-9baa81733702',
    offerId: '3910',
    transactionId: '874eba00-674c-4a39-afd2-3e3a5f8d521f',
    status: true,
    paymentStatus: '0',
    cryptoAmount: '11',
    cryptoCurrency: 'USD',
    receivedAmount: '0',
    isSubscription: false,
    subscription: {}
  },
  signature: 'n/3otT5xpyG2AoUKnIhOhIFcpHhnqyUE8h044IO04zp1EevcH62CRyPmXqv2z6AJSv2pplEy8IlBWeVFCwkEF6KIJeANeagJNSUevAqgd437W+BjpFmR9M3vj353m26h4hSnAeEYWl375iQfl7sQ0tnmDyFXOKyz42ssvsYcL0bKywsYOlKwyusoNGVjC1yCkTTVBFIMUQXgFHceRkbhEFUMQA7inw2Ux2s+Ncj+u0IVGXsFcRk/CdkcQX0r1/Q6i6rmpujovDyKyn/JGkJOKH3B62tSFy0hilH36t7vY2Q8o7Re/9cFXQNayGszY89Ijn8qNAgr4P7hn7q/goMrfQ=='
}

2. POST

Webhook URL :- <Callback URL>

Custom parameters will be received under key customParameter

Body Payload

  {
  type: 'rf:alert',
  data: {    data: '{"amount":"11","conversionRate":{"fiatCurrency":"USD","rate":1},"cryptoAmount":"11","cryptoCurrency":"USD","currency":"USD","offerId":"3917","paymentStatus":"0","receivedAmount":"0","referenceId":"7459f87b-c5f0-4752-a1ed-96f73cbeae94","status":true,"transactionId":"13c40f35-fef4-4107-9abe-e15834a09def"}',
    conversionRate: { fiatCurrency: 'USD', rate: 1 },
    amount: '11',
    currency: 'USD',
    referenceId: '7459f87b-c5f0-4752-a1ed-96f73cbeae94',
    offerId: '3917',
    transactionId: '13c40f35-fef4-4107-9abe-e15834a09def',
    status: true,
    paymentStatus: '0',
    cryptoAmount: '11',
    cryptoCurrency: 'USD',
    receivedAmount: '0',
    isSubscription: false,
    subscription: {}
  }, 
  signature: 'FBPIcIKGFQQFRzDWffca96F9Hb8iK+K4zSYxK1csGyJCAAjN1z59vki9Hgx9+tFo2a/qAPavGm8w+5VgSLIGR5UYadaAD2cy2RR4RRhShH4RtkjPiRd8iurR977FEnLjDjKLkL3lFs17Lli6nWzSsom1pj/nWlnNgaN3EdiB16ZMtVVeqXhULYk/N/yKGonsWiRxwQS5rhaD+wFXAiDwT49uK4vDkgbC4UCvz7Sz7/gsuzfj3ULqkoPPg9tWLezlovl99iFZ/WpRKV4iv3eDadNhLcFarRNGDcIbH98S0ueZCBiM1aSmQaOF/YiUAVq6qjlfCd85KIDc7FKYKQSWwg==',
  customParameter: {
    custom1: 'crypto',
    custom2: 'RKFL',
    custom3: 'credit'
  }
}

NOTE: There can be multiple custom parameters.

Where

amount :- Amount (Float)
currency :- Currency of transaction
offerId :- Merchant database Order/offer id
referenceId :- RKFL database reference transaction id
status:-
- true:- successful
- false:- pending/failed/partial
paymentStatus
- 0 - pending
- 1/2/3/4 - successful
- -1 - failed
- 101 - partial
- 19 - timedout
cryptoAmount :- Crypto value of transaction
cryptoCurrency :- Crypto currency used
receivedAmount :- Received crypto amount
conversionRate :- Rate of conversion from fiat to crypto during transaction
- fiatCurrency - Base currency for conversion
- rate - conversion rate (multiplier)
isSubscription: true if the cart contains subscription item else false
subscription: subscription id of the cart item (string)
customParameter: Custom parameters are the passthrough variables passed from merchant at the time of invoice link/uuid generation. It consist of array of object (name, value). All "name" variables serve as the key for customParameter while "value" serves as the value of keys. This is helpful if merchant wishes to get back some custom parameters to identify or apply any business logic.

Authenticity/Verification of request from RKFL

You can test the authenticity of the request emerging from Rocketfuel by using following public key to generate signature. Once the signature is generated, you can tally the signature sent by Rocketfuel.

Signature:

f09HYBeZFqMkeo/ri5kZI0DGnCiSnYSl2KSZLaB3tIL722a1IsnCSsWsfdZRAiv/7e/MdqguXTBmEUdBzKnzR2ATBJF5VRtLeD7LhnNxpSs1+sAAgIwI2JS6nkRj8DTKZbZUzweGSdgARZfxxoVqQaaW4DPb8kXhGPVo/tOG8Rw62Vbyg279ysgWCtNuYltKg05DFxfWy287LtBnvs3kaw0xoTuR5rCnEncFFLRozSCPRSRU0Ebb3kfWNK6surso9OrqVkdbzXLCpLuLkkakxNvNpahzvB3DuT2zZn0NFxP8YGJquAVcWLh2aj0syRPDArHY5An5CtQ6nuiiJB6jTw==

Public RSA key

PreviousLookup using Public Key NextHandling Partial Payments

Last updated 1 month ago