Skip to main content

Verifying a webhook

Always verify the signature before parsing or trusting the body.
Voucher titles can contain inline markup. Merchants may style the striking part of an offer with tiny tags — {b}…{/b} (bold), {r}…{/r} (red highlight), {s}…{/s} (strikethrough), which can nest ({b}{r}RM38{/r}{/b}). Any voucherTitle in a payload (or in /me/* responses) may include them. Strip the tags for a plain-text display (remove anything matching \{/?[brs]\}, case-insensitive) or render them if you want the emphasis.

CLAIM_CREATED

Emitted when the user adds a voucher to their wallet via POST /me/claims.

REDEMPTION_CREATED

Emitted when the user redeems a voucher via POST /me/redemptions. Both SUCCESS and FLAGGED redemptions fire this event.
The code dispensed to the user (if any) is not included in this payload — it’s considered consumer-facing and only flows through the redemption response. If you need it server-side, fetch the redemption via the admin API.

VOUCHER_PUBLISHED

Emitted once per favoriting user when a merchant publishes a new voucher. We fan out at publish time, so if 10k users have favorited the merchant, 10k events are enqueued.