Verifying a webhook
Always verify the signature before parsing or trusting the body.Voucher titles can contain inline markup. Merchants may style the
striking part of an offer with tiny tags —
{b}…{/b} (bold), {r}…{/r}
(red highlight), {s}…{/s} (strikethrough), which can nest
({b}{r}RM38{/r}{/b}). Any voucherTitle in a payload (or in /me/*
responses) may include them. Strip the tags for a plain-text display
(remove anything matching \{/?[brs]\}, case-insensitive) or render them
if you want the emphasis.CLAIM_CREATED
Emitted when the user adds a voucher to their wallet via
POST /me/claims.
REDEMPTION_CREATED
Emitted when the user redeems a voucher via POST /me/redemptions. Both
SUCCESS and FLAGGED redemptions fire this event.
The
code dispensed to the user (if any) is not included in this
payload — it’s considered consumer-facing and only flows through the
redemption response. If you need it server-side, fetch the redemption
via the admin API.