<aside> 💡

Clients can subscribe to core banking notifications for the following events:

• Account Balance Updates
• Operation Status Changes </aside>

📩 Delivery Method

Notifications are sent via HTTP POST to the registered URL.

• All requests are signed using RSA (type1) signature.
• If webhook execution is not completed within 5000ms, it will be marked as failed.
• Failed webhooks will be retried with a progressive delay.
• There is a retry limit for failed attempts.

🔑 Signature Verification

The RSA (SHA256) signature is generated using the private key over the following concatenated string:

<method>\n
<host>\n
<path>\n
<date>\n
<body>

🛡️ Signature Handling

• The signature is hex-encoded and must be included in every request in the X-Api-Signature header.
• The timestamp of signature calculation must be included in the Date HTTP header.

📌 Example Date Header Format:

Date: Mon, 29 Mar 2021 11:11:59 GMT