After an order is completed as explained above, Zilla will send a final status as a POST
event to the webhook URL you provided (We believe that you must have updated this on your Zilla merchant dashboard). A 2xx
response code is expected to ensure you have received our update. However, there's an exponential backoff method for re-trial as a contingency plan for instances where that doesn't happen. We highly recommend that you use webhooks to confirm the payment status before delivering value to your customers
Here's a sample of the request body we send to your webhook URL:
{
"eventType": "successful_payment",
"signature": "2994f5181f77aaf1d54e764d1275a0e9a042f9757d9d915414507d9e3c181bcead67f1ac0bd5a35cd4d2877f469b4bb47b80dd1f07c8dfdbaacce7f5dfc5656b",
"data": "{
"createdAt":"2021-10-26T14:50:42.323998Z",
"completedAt":"2021-10-26T14:51:53.104097Z",
"clientOrderReference":"123453",
"amountOfOrder":2000.00,
"amountSettled":1900.00,
"fee":100.00,
"paymentPlan":"INSTANT",
"paymentStatus":"SUCCESSFUL",
"merchantSettlementStatus":"PENDING",
"orderId":"ba5f3d38-68ef-45c0-8430-7053aac14aac",
"orderTitle":"Drugs",
"orderCode":"111111119Z",
"orderPaymentId":"f827bfc4-da22-4151-839f-fff263c4edca"
}"
}
To validate that the request is from Zilla, generate a HmacSHA512
hash using the "data" in the request body (as represented in the sample above) and your Encryption key (you can find this in the API & webhook tab on the Settings page on the merchant's Zilla dashboard) as the secret key*.*
The generated hash must match the "signature" in the request body to be certain the request to your webhook URL came from Zilla.
The "data" in the request body contains important information regarding the order*(as represented in the sample above)* that was paid for*.*