Verify the authenticity of your webhooks
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

MessageMedia Enterprise Webhooks NodeJS Code Guide

Pull Requests Welcome

The MessageMedia Enterprise Webhooks code guide demonstrates how you can verify webhooks signed and sent to you by MessageMedia.


Table of Contents

📰 Information

Slack and Mailing List

If you have any questions, comments, or concerns, please join our Slack channel:

Alternatively you can email us at:

Bug reports

If you discover a problem with the code guide, we would like to know about it. You can raise an issue or send an email to:


We welcome your thoughts on how we could best provide you with SDKs that would simplify how you consume our services in your application. You can fork and create pull requests for any features you would like to see or raise an issue

⭐️ Prerequisite

To be able to use this SDK, you will need a public key provided by MessageMedia. You can find out how to do this by going through the Signature Key Management documentation. You can then make use of the Signature Key Management NodeJS SDK to create and manage your keys.

🎬 Get Started

To keep this guide simple and easy to understand, we've used Express to set up a server which will monitor for incoming webhooks. You can setup your own production server and use it instead of the Express one if needed.

Initialisation and Installation

Create an empty directory for your project, let’s name it “testApp”. Now, open up your command prompt and clone this repository into the directory created. Run npm install to install the necessary packages.

Adding in the public key

Open up the index.js file and replace the placeholder that says PUBLIC_KEY_HERE with your public key. The result should look like this:

var publicKey = '-----BEGIN PUBLIC KEY-----\n'+
  '-----END PUBLIC KEY-----';

Changing the request line

The request line will need to be changed according to your callback url and request type. For instance, if your callback url is /captureData and the method type was PATCH then the resulting request line would look like this:

  verifier.update("PATCH /captureData HTTP/1.1" + date + body);


You are now ready to test the application. From the root directory of your application (where your index.js file is), run node index If all goes well, you should receive a true response which indicates the verification was a success.

📕 API Reference Documentation

Check out the full API documentation for more detailed information.

😕 Need help?

Please contact developer support at or check out the developer portal at

📃 License

Apache License. See the LICENSE file.