CustomerGlu Developer Documentation
  • 🔧Getting started
  • 🔧Quickstart Guide for React Web Apps
  • 📱Quickstart Guide for React Native Apps
  • 📱Quickstart Guide for Flutter Apps
  • Integrating with SDKs
    • Web SDK
    • Mobile SDKs
      • How to Test Integration?
    • Cordova SDK
    • Shopify
  • Integrating with APIs
    • Register User/Device
    • Load Campaigns
    • Binding Webview to Native App Functions
    • 🔍Using __GLU_NUDGE_CLICK for Widget Visibility
    • 🎯API-based Segmentation Quickstart Guide
  • 🔌Third-Party Integrations
    • Source
      • Sending Events directly from Server
      • Segment
      • Moengage
      • Amplitude
      • Clevertap
      • Webengage
    • Destination
      • Analytics Webhook
      • Customer.io
      • Talon.One
      • Segment
      • MoEngage
      • Amplitude
      • Clevertap
      • WebEngage
      • Google Sheets
    • Cohort
      • Mixpanel
  • Miscellaneous Topics
    • Direct Campaign/Wallet URLs
    • Configuring Webhooks
      • Rewards Webhook
      • Nudge Webhook
    • Notifications
      • FCM
      • APNs
      • CustomerGlu Notification
      • Testing Nudges
    • Referral Campaigns
      • Firebase
      • Branch
    • Handling Non Logged-in Users
    • Testing Campaigns with User Logs
    • Using the Editor
      • How to edit Buttons in Campaigns
    • How to Create and Manage Segments in CustomerGlu
  • SCHEMA REPOSITORY
    • Webhook Schema
      • Reward Webhook Schema
      • Nudge Webhook Schema
      • Raw Event Webhook Schema
    • Webview Callback Schema
      • Analytics Event Schema
    • Analytics schema V4
      • Page Events
      • Track Events (UI)
      • Track Events (SDK)
      • State-Change Events
      • System Events
    • 🗝️FAQ
      • API Key
      • How to find and add Screen Names for Entrypoints
  • Demo Apps
    • Demo Apps
Powered by GitBook
On this page
  • Webhook Payload Customization
  • Setting Up Reward Webhook from the Dashboard

Was this helpful?

  1. Miscellaneous Topics
  2. Configuring Webhooks

Rewards Webhook

Send the reward outputs like points, merchandise, cashbacks, coupons to your servers

PreviousConfiguring WebhooksNextNudge Webhook

Last updated 8 months ago

Was this helpful?

A webhook url can be provided to CustomerGlu to receive the rewards won by users in real-time

A POST request will be made to the specified Webhook URL . Example request body is as follows

{
        "campaignId": "xyz41c29-bb0d-4fe6-8260-1403d1c0e964",
        "type": "scratchcard",
//"direct","spinthewheel","slotmachine","memorygame","quiz",giftbox,...//
        "userId": "testuser1",
        "rewardId": "xyzbb3ca-093f-43f2-84ba-8d5ed0d6c1b4",
//rewardId will be unique and can be used as a de-duplication filter
        "rewardName": "200 Coins",
        "rewardAmount": 400 //optional
        "code": "CODE123"//optional
        "details": {//optional
            "userBName": "testuser2", //in case of a reward for a referral
            "userBId": "testuser2"//in case of a reward for a referral
            "userAName": "testuser0", //in case of a reward for a referral
            "userAId": "testuser0"//in case of a reward for a referral
            "rewardCategory": "RM",//custom attribute
            "currency":"USD"//custom attribute
        }
//details object can also contain any logic/business specific custom attributes which can be given as a campaign input//
}

Optionally, to verify the authenticity of request, a secret token can be provided to CustomerGlu.

When you set a token, you'll receive the X-CG-SIGNATURE header in the webhook POST request. value of this header will be a hmac hexdigest of the request body with the provided token. See on how to validate the requests

Validating Reward Webhook

const verifySignature = (reqBodyDigest, cgHeader) => {
  return crypto.timingSafeEqual(Buffer.from(cgHeader), Buffer.from(`${reqBodyDigest}`));
}


app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.post('/hook', (req, res) => {
  const jsonString = JSON.stringify(req.body);
  const reqBodyDigest = crypto.createHmac('sha1', token)
    .update(jsonString)
    .digest('hex');
  const cgHeader = req.headers['x-cg-signature'];
  const verify = verifySignature(reqBodyDigest, cgHeader)
}
import hmac,hashlib,json

sampleObj = {"campaignId":"6bab1116-ae8e-4644-9cee-7a3d8ee9aff3","type":"direct","userId":"test-8-june-9","rewardId":"acdc71c6-08ad-4cd9-8c1e-3c812487b854","rewardName":"$15","rewardAmount":15,"details":{"currency":"USD","value":15,"reward_reason":"got_referred","userAName":"Test Solve 7","userAId":"test-8-june-7"}}
gluHeader="f2719895b483fbf3f98e1936bc88271cbe74f138"


def generateSignature(incomingBody):
  key="PbTJp694bmgrfJpJPQmrjGfjgq".encode('utf-8')
  incomingBodyString = json.dumps(incomingBody, ensure_ascii=False, separators=(',', ':')).encode('utf-8')
  return hmac.new(key, incomingBodyString, hashlib.sha1).hexdigest()

def verifySignature(cgHeader,incomingBody):
    return hmac.compare_digest(cgHeader,generateSignature(incomingBody))
    
    

Note:

CustomerGlu requires the raw body of the request to perform signature verification. If you are using a framework/library, make sure it doesn't manipulate the raw body. Any manipulation to the raw body of the request will cause the verification to fail.

private static String toHexString(byte[] bytes) {
        Formatter formatter = new Formatter();
        for (byte b : bytes) {
            formatter.format("%02x", b);
        }
        return formatter.toString();
    }
    public static String calculateSHA1HMAC(String payload, String key)
            throws SignatureException, NoSuchAlgorithmException, InvalidKeyException {
        //
        String HMAC_SHA1_ALGORITHM = "HmacSHA1";
        SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(), HMAC_SHA1_ALGORITHM);
        Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
        mac.init(signingKey);
        return toHexString(mac.doFinal(payload.getBytes()));
    }
function verifySignature($apiSecret)
{
    $body = json_encode(file_get_contents('php://input')); // get json encoded body
    $hmac = hash_hmac('sha1', $body, $apiSecret); // Generate HMAC from body and shared secret
    $signature = $_SERVER['x-cg-signature'];  // Get signature from request header
    return $hmac == $signature; // compare request signature with generated signature. 
}

Webhook Payload Customization

You can define your own schema for the webhook payload. Below are the default keys that we will send as part of the payload. You can extend this with additional custom attributes as needed.

Default Keys

  • campaignId, type, rewardType, userId, rewardId, status, transactionId, rewardName, rewardAmount, body, rewardExpiry, tnc, code,details.

How To Use

  • Use the $ symbol with Default Keys to access dynamic values, and static values can be accessed without the $ symbol.

Note: If you want to access nested payload values in the root, you can access them using the dot operator.

  • Example Screenshots from CustomerGlu Dashboard > Dev Console > Reward Webhook.

  • Example Payload You Will Receive After Setting Up the Reward Webhook.

Setting Up Reward Webhook from the Dashboard

Whitelisting CustomerGlu Webhook IPs

The following IP address(es) should be whitelisted by your Server, to receive Webhook requests from CustomerGlu:

20.207.108.216