Terminal Shipping API
  • Introduction
  • Example Book Shipment Flow
  • Ship with Code
  • Authentication
  • Errors
  • Libraries & Plugins
  • API ENDPOINTS
  • Addresses
    • Create Address
    • Get Addresses
    • Get Address
    • Update Address
    • Validate Address
    • Set Default Sender Address
    • Get Default Sender Address
  • Carriers
    • Get Carriers
    • Get Carrier
    • Enable Carrier
    • Enable Multiple Carriers
    • Disable Carrier
    • Disable Multiple Carriers
    • Drop-off Locations
  • Claims
    • Get Claims
    • Get Claim
    • File Claim
  • HS Codes
    • Get HSCodes
    • Get HSCode Chapters
    • Get HSCode Categories
    • Get HSCode Details
    • Search HSCodes
  • Insurance
    • Get Insurance
    • Get Insurances List
    • Get Insurance Premium
    • Get Insurance Premium Using Parcel Value
    • Purchase Insurance
  • Packaging
    • Create Packaging
    • Update Packaging
    • Get Packaging
    • Terminal Default Packaging
    • Get Specific Packaging
  • Parcels
    • Create Parcel
    • Update Parcel
    • Get Parcels
    • Get Parcel
  • Rates
    • Get Rates for Shipment
    • Get Quotes for Shipment
    • Get Rates for Multi-Parcel Shipment
    • Get Rates
    • Get Rate
  • Simplified HS Codes
    • Get Simplified HSCodes
    • Get Simplified HSCode Chapters
    • Get Simplified HSCode Categories
    • Get Simplified HSCode Details
    • Search Simplified HSCodes
  • Shipments
    • Create Shipment
    • Create Quick Shipment
    • Update Shipment
    • Get Shipments
    • Get Shipments v2
    • Get Shipment
    • Track a Shipment
    • Cancel Shipment
    • Delete Shipment
    • Duplicate Shipment
    • Arrange Pickup & Delivery for Shipment
  • Transactions
    • Get Transactions
    • Get Transaction
  • Users
    • Get User
    • Get Wallet Info
    • Get Wallet Balance
    • Get User Carriers
  • Webhooks
    • Create Webhook
    • Delete Webhook
    • Disable Webhook
    • Enable Webhook
    • Get Webhooks
    • Get Webhook
  • MISCALLANEOUS
    • Carriers Available
    • Carrier Object
    • Cities
    • Countries
    • File Claim Object
    • Parcel Item
    • Quick Shipments
      • Parcel
      • Pickup / Delivery Address
    • Shipment Events
    • Shipment Extras
    • States
    • Webhook Events
      • Handling Webhook Events
    • Volumetric Weight
Powered by GitBook
On this page

Was this helpful?

  1. MISCALLANEOUS
  2. Webhook Events

Handling Webhook Events

Sample code for handling webhook events in Node.js.

Handling Events (Node.js)

The below example illustrates how to securely handle webhook events within your own applications. Each webhook call from the API includes a secure X-Terminal-Signature which is generated using your SECRET_KEY. To ensure integrity of each request you receive, you can complete a simple verification task as shown in the example below:

const crypto = require('crypto');
const SECRET_KEY = ""; //Your secret key

// Handle webhook event 
const handleEvent = (req, res) => {
	try{
		res.sendStatus(200);
		let webhook_signature = req.headers['X-Terminal-Signature']; //retrieve the request signature
		let {body} = req; // Retrieve the request's body
		let request_validation = verifyWebhookRequest(webhook_signature, SECRET_KEY, body); //Validate webhook request
		
		if(request_validation.status){
			let {data, event} = body; //retrieve event type and data payload
			switch(event){
				case "shipment.created":
					//Handle successful shipment creation event
				break;
				case "address.updated":
					//Handle successful address update event
				break;
				default:
					//Handle unknown event received
			}		
		}else{
			//request is not valid API webhook
		}
	}catch(e){
		console.log("Error occurred - %O", e)
	}
}

/**
* Verifies validity of webhook request.
* @params - signature - Signature hash received via webhook.
* @params - secret_key - API secret key.
* @params - body - Request payload received via webhook.
*/
const verifyWebhookRequest = (signature, secret_key, body={}) => {
	try{
		let manual_hash_signature = crypto.createHmac('sha512', secret_key).update(JSON.stringify(body)).digest('hex'); //regenerate hash using secret key and webhook payload
		let request_valid = (signature === manual_hash_signature); //verify signature from webhook matches manual hash
		let valid_message = (request_valid) ? "Webhook request is valid" : "Invalid webhook request received";
		
		return {
			status: request_valid,
			message: valid_message
		}		
	}catch(e){
		console.log("An error occurred %O", e);
		return {
			status: false,
			message: "Unable to verify request"
		}		
	}
}
PreviousWebhook EventsNextVolumetric Weight

Last updated 1 year ago

Was this helpful?