🧭 add a Webhook Endpoint
You need to set a webhook endpoint up, where we will send webhooks. Visit our console and head to /webhooks, and click on add endpoint:
You need to provide your endpoint, the eventTypes you want to receive, and if your endpoint is active. You can also edit the data later on.
Click on "Add" and wait a few seconds until your endpoint appears in the endpoints table.
🔐 Verify webhooks
The first thing you need to verify incoming webhooks is to get your webhook secret from the console, just click on the endpoint you are working on an copy its secret.
NOTE: Every endpoint has its own secret.
Now put that secret into your .env file:
BRIX_WEBHOOK_SECRET=c8c3c759c30410e041656ad72a1311c2bd4a384d6ce003d2c26d9d24e46a84a7Before you can start performing actions based on specific webhooks, you must verify that the incoming requests are from BrixPay. This is done by validating the X-Brix-Signature included in the request headers using the endpoint specific secret. Here's how you do this in your NextJS API route:
import { NextResponse } from 'next/server';
import crypto from 'crypto';
export async function POST(req) {
const webhookSecret = process.env.BRIX_WEBHOOK_SECRET;
const signature = req.headers.get('X-Brix-Signature');
const body = await req.text();
const expectedSignature = createHmac(
"sha256",
process.env.BRIX_WEBHOOK_SECRET
).update(body).digest("hex");
if (signature !== expectedSignature) {
return NextResponse.json({ error: 'Invalid signature' }, { status: 401 });
}
const event = JSON.parse(body);
// Handle the webhook event
console.log('Received event:', event);
return NextResponse.json({ message: "Webhook verified" }, { status: 200 });
}👂 Listen for webhooks
NOTE: The received "amount" under event -> data is the price of your product in cents, so the value 100 is equal to $1.
NOTE: The received "createdAt" under event is a UNIX-Timestamp that tells you when your event was created.
Now you have your webhook endpoint set up and verified, you can listen for specific webhook events. You can handle different event types by checking the eventType key of the received object (which is the event in the code above). Currently, 2 types exist:
{
"id": "f897cb16-7c19-4492-91c4-11e06fc641ff"
"eventType": "payment.succeeded",
"createdAt": 1767899277327,
"data": {
"orderId": "068f568f-68bf-4caf-b1d5-98989ce6f260"
"productId": "7ce3c19a-ecfd-4184-b585-b0ee9a57d4e2"
"amount": 1
"customerAddress": "0x87D250bae0A83Fbf4785ceCC3228652ec3ab703b"
"merchantAddress": "0x694B21d5190000149a7016743955A49986176796",
"chainId": "8453",
"metadata": { fav_pet: "frog" },
"devMode": false,
"tokenAddress": "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913",
"txHash": "0xc7918573284af769842ca197691435960247195f1ecec97b8dd203f635f682bb",
},
}{
"id": "737e4eca-0939-46d3-83fb-5a707076f0ff",
"eventType": "payment.failed",
"createdAt": 1767966191330,
"data": {
"orderId": "ec9c2bd6-5566-4628-aa80-52877e2bef8e",
"productId": "7ce3c19a-ecfd-4184-b585-b0ee9a57d4e2",
"amount": 1,
"customerAddress": "0x87D250bae0A83Fb91f4785ceCC3228652ec3ab703b",
"merchantAddress": "0x694B21d5190000149a7016743955A49986176796",
"chainId": "8453",
"metadata": { "fav_pet": "frog" },
"devMode": false,
"tokenAddress": "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913",
"error": "execution reverted: "ERC20: transfer amount exceeds allowance",
},
}Great! You are now set up to securely receive and handle webhooks from BrixPay and accept crypto payments, for any feedback or other inquiries email us at hi@brixpay.io or join our Discord.