# Nudge Webhook A webhook url can be provided to CustomerGlu to receive the nudges to be shown to users in real-time The app can be configured to open the url present in "clickAction" property in a webview. A POST request will be made to the specified Webhook URL . Example request body is as follows: ``` { "client":"xyzc-b2e0-4927-8653-cba2babc2", "campaignId":"acxscx26-5437-4b37-855f-a3f6edqccqc4", "userId":"glutest-1", "notificationType":"push", "pageType":"full-default", "content":{ "button":{ "text":"Go to Reward", "action":"https://xyz.customerglu.net" }, "title":"Scratch card unlocked! 😍", "body":"Check to see how much you've won 🙌", "clickAction":"https://xyz.customerglu.net", "image":"" }, "timeRemaning":"", "expiry":"" } ``` ***Optionally***, to verify the authenticity of request, a secret token can be provided to CustomerGlu. When you set a token, you'll receive the `X-CG-SIGNATURE` header in the webhook `POST` request. value of this header will be a hmac hexdigest of the request body with the provided token. See on how to validate the requests #### Validating Nudge Webhook {% tabs %} {% tab title="JavaScript" %} ``` const verifySignature = (reqBodyDigest, cgHeader) => { return crypto.timingSafeEqual(Buffer.from(cgHeader), Buffer.from(`${reqBodyDigest}`)); } app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: true })); app.post('/hook', (req, res) => { const jsonString = JSON.stringify(req.body); const reqBodyDigest = crypto.createHmac('sha1', token) .update(jsonString) .digest('hex'); const cgHeader = req.headers['x-cg-signature']; const verify = verifySignature(reqBodyDigest, cgHeader) } ``` {% endtab %} {% tab title="Python" %} ``` import hmac,hashlib,json sampleObj = {"campaignId":"6bab1116-ae8e-4644-9cee-7a3d8ee9aff3","type":"direct","userId":"test-8-june-9","rewardId":"acdc71c6-08ad-4cd9-8c1e-3c812487b854","rewardName":"$15","rewardAmount":15,"details":{"currency":"USD","value":15,"reward_reason":"got_referred","userAName":"Test Solve 7","userAId":"test-8-june-7"}} gluHeader="f2719895b483fbf3f98e1936bc88271cbe74f138" def generateSignature(incomingBody): key="PbTJp694bmgrfJpJPQmrjGfjgq".encode('utf-8') incomingBodyString = json.dumps(incomingBody, ensure_ascii=False, separators=(',', ':')).encode('utf-8') return hmac.new(key, incomingBodyString, hashlib.sha1).hexdigest() def verifySignature(cgHeader,incomingBody): return hmac.compare_digest(cgHeader,generateSignature(incomingBody)) ``` {% endtab %} {% tab title="Java" %} {% hint style="info" %} **Note**: CustomerGlu requires the raw body of the request to perform signature verification. If you are using a framework/library, make sure it doesn't manipulate the raw body. Any manipulation to the raw body of the request will cause the verification to fail. {% endhint %} ```java private static String toHexString(byte[] bytes) { Formatter formatter = new Formatter(); for (byte b : bytes) { formatter.format("%02x", b); } return formatter.toString(); } public static String calculateSHA1HMAC(String payload, String key) throws SignatureException, NoSuchAlgorithmException, InvalidKeyException { // String HMAC_SHA1_ALGORITHM = "HmacSHA1"; SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(), HMAC_SHA1_ALGORITHM); Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM); mac.init(signingKey); return toHexString(mac.doFinal(payload.getBytes())); } ``` {% endtab %} {% endtabs %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.customerglu.com/miscellaneous-topics/configuring-webhooks/nudge-webhook.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.