Overview
If you have setup a webhook url while creating an app on the Dashboard, Mono will send webhook events to notify data updates.
Security
mono-webhook-secret is passed with the header, your server must check for this secret with the one received when creating the webhook to verify identity.
Events
mono.events.account_updated triggered when the status of account has been updated.
Webhook object
{
event: 'mono.events.account_updated',
data: {
meta: { data_status: 'AVAILABLE' },
account: {
_id: '5fbcde8f8699984153e65537',
institution: [Object],
accountNumber: '0018709596',
name: 'OGUNGBEFUN OLADUNNI KHADIJAH',
type: 'SAVINGS_ACCOUNT',
currency: 'Naira',
bvn: '9422',
balance: 3033984,
created_at: '2020-11-24T10:21:03.936Z',
updated_at: '2020-11-24T10:21:13.050Z',
__v: 0
}
}
}
Example JS implementation
// example js implementation
const secret = process.env.MONO_WEBHOOK_SEC;
function verifyWebhook(req, res, next) {
if (req.headers['mono-webhook-secret'] !== secret) {
return res.status(401).json({
message: "Unauthorized request."
});
}
next();
}
router.post('/webhook', verifyWebhook, (req, res) => {
const webhook = req.body;
switch(webhook.event) {
case "mono.events.account_updated":
// do something with webhook.data.account;
break;
}
return res.sendStatus(200);
});