Overview

If you have setup a webhook url while creating an app on the Dashboard, Mono will send webhook events to notify data updates.

Security

mono-webhook-secret is passed with the header, your server must check for this secret with the one received when creating the webhook to verify identity.

Events

mono.events.account_updated triggered when the status of account has been updated.

Webhook object

{
  event: 'mono.events.account_updated',
  data: {
    meta: { data_status: 'AVAILABLE' },
    account: {
      _id: '5fbcde8f8699984153e65537',
      institution: [Object],
      accountNumber: '0018709596',
      name: 'OGUNGBEFUN OLADUNNI KHADIJAH',
      type: 'SAVINGS_ACCOUNT',
      currency: 'Naira',
      bvn: '9422',
      balance: 3033984,
      created_at: '2020-11-24T10:21:03.936Z',
      updated_at: '2020-11-24T10:21:13.050Z',
      __v: 0
    }
  }
}

Example JS implementation

// example js implementation

const secret = process.env.MONO_WEBHOOK_SEC;

function verifyWebhook(req, res, next) {
    if (req.headers['mono-webhook-secret'] !== secret) {
        return res.status(401).json({
            message: "Unauthorized request."
        });
    }

    next();
}

router.post('/webhook', verifyWebhook, (req, res) => {
    const webhook = req.body;
    

  switch(webhook.event) {
        case "mono.events.account_updated":
            // do something with webhook.data.account;
            break;
    }

    return res.sendStatus(200);
});