# Processing WebHook Notifications

Behavior of webhook notifications described [here](https://docs.0xpay.app/public-api/notifications) and notification verification is [here](https://docs.0xpay.app/public-api/js-ts-sdk/broken-reference). SDK incapsulates verification logic providing an easy way to validate notification. But there are some important points.

### Method

Validation of notification requires such properties:

* method - Notification request method
* url - Notification request url. For example if your server under domain ***example.com*** handles notification by path ***/0xpay*** than url will be ***example.com/0xpay***. You can access it by concatenating header "host" and request path(url).
* timestamp - Unix timestamp, receiving in headers
* signature - Notification signature, receiving in headers
* rawBody - String of unparsed request body

```
XPay.validateWebhookRequest({
    method: 'POST',
    url: 'domain.com/ipn',
    timestamp: 1672158945,
    signature: 'signature',
    rawBody: '{ ... }'
})
```

### Verifying a notification (webhook)

Example with express:

```ts
import { XPay } from '@0xpay/sdk'
import express from 'express'

// Create XPay instance
const xpay = new XPay(...)

express().post('/ipn', express.text(), (req, res) => {
  const validationError = xpay.validateWebhookRequest({
     method: req.method,
     url: req.get('host') + req.originalUrl,
     timestamp: req.get('timestamp'),
     signature: req.get('signature'),
     rawBody: req.body
  })
  if (validationError) throw new Error(validationError.description)

  const ipn = JSON.parse(req.body)

  // processing your ipn...

  res.send('OK')
})
```