There are 3 different flows to send.
- OsmoUserToWallet
This flow is when you want to send money to a user and that user has an Osmowallet account already.
The next digram explains how this flow works:
- OsmoUserToBank
This flow is when you want to send to a user but it will be deposited to a specific bank account and not in his Osmowallet account.
Note:
In the case that bank account was incorrect, the deposit to bank account will be failed but the amount still success in OsmoWallet.
The next diagram explains how this flow works:
- NoOsmoUserToWallet
This flow is when you want to send to a user, but that user does not have an Osmowallet account already.
Note:
In the case that user does not register his account in 5 days once the invoice was paid, we will notify to you with status failed.
Statuses
| Status | Description |
|---|---|
| received.success | When the OsmoUserToBank flow is success. Weather was deposit to bank account or Osmowallet account. |
| settlement.success | When the OsmoUserToWallet flow is success. |
| settlement.failure | When NoOsmoUserWallet is failed since user doest not register his account. |
Body Response via webhookURL
| Field | Description |
|---|---|
| referenceId | The referenceId that you give us when generate invoice |
| status | One of the status explained above |
Receiving data from webhook URL
To ensure data comes from us, we use HMAC validation. The next example show it:
Note:
- SecretKey = clientId@clientSecret
- We implent a queue to retry in the case your service is not available at the moment
- You have to provide us a webhookURL before use this
Sending
This Sending example is just for test on your side. It really will be implemented by us.
import * as crypto from 'crypto';
import axios from 'axios';
async function sendSignedRequest(data: any, url: string, secretKey: string) {
const body = JSON.stringify(data);
const hmac = crypto.createHmac('sha256', secretKey);
hmac.update(body);
const signature = hmac.digest('hex');
const config = {
headers: {
'x-webhook-signature': signature,
'Content-Type': 'application/json'
}
};
const response = await axios.post(url, body, config);
return response.data;
}
Receiving
import * as crypto from 'crypto';
import express from 'express';
const app = express();
app.use(express.json());
app.post('/receive', (req, res) => {
const secretKey = 'your-secret-key'; // Replace with your actual secret key
const receivedSignature = req.headers['x-signature'];
const body = JSON.stringify(req.body);
const hmac = crypto.createHmac('sha256', secretKey);
hmac.update(body);
const expectedSignature = hmac.digest('hex');
if (receivedSignature === expectedSignature) {
res.status(200).send('Signature is valid');
} else {
res.status(403).send('Signature is invalid');
}
});
app.listen(3000, () => console.log('Server is running on port 3000'));