This is a really important message about something. It could be about anything we deem important enough to tell everyone. It might have links to places, but shouldn't have any images or non-text content. Messages shouldn't be longer than two lines on normal sized layouts.
Genesys Cloud Developer CenterGenesys Cloud Developer Center
Browser storage is disabled

Your theme selection will not be remembered when you refresh the page. Please enable browser storage in the Account Switcher above to allow this setting to be remembered.

Topics
Analytics & Data Management
Authorization
Billing
Communication & Digital Channels
Overview
Journey
Collaborate Chat
Digital messaging and engagement
Digital messaging and engagement
Co-browse
Screen share
Web Chat
Digital Messaging Recipient Identifiers Messaging Media Uploads
Open messaging
Open messaging Inbound open receipt messages Validate webhook notifications Outbound Open NormalizedMessage Format Message receipts Get a conversation ID Get started FAQs Prerequisites Create the integration Outbound messages Identity Resolution Inbound open messages Inbound open event messages Inbound open text messages Agentless SMS Notifications Automatic SMS after Call Open Messaging APIs
Web messaging and Messenger
External Contacts
Fax Greetings
Task Management in Work Automation
Textbots
Third Party Email and Chat Routing
Voicemail
GDPR & Privacy
Notifications & Alerts
Organization
Platform
Routing & Conversation Handling
Telephony
User & Agent Management
Resources
Announcements
AppFoundry
Genesys for Builders - Amazon Web Services Developer Blog Blueprints Changelog
Developer Applications
Developer Guides Videos
Home
|Communication & Digital Channels
|Digital messaging and engagement
|Open messaging
Removed from toolbox

Validate webhook notifications

Obtain the secret token

When you create an integration, you provide outboundNotificationWebhookSignatureSecretToken.

Validate a notification from an outbound open message

To validate outbound open messages use the outboundNotificationWebhookSignatureSecretToken from the X-Hub-Signature-256 header. This header automatically accompanies all webhook requests sent to outboundNotificationWebhookUrl.

Copied
Validate an outbound open message
const crypto = require('crypto');

// integration - the integration object
// normalizedMessage - the NormalizedMessage payload
// request - webhook request object

const normalizedMessage = request.data;
const signature = request.headers['X-Hub-Signature-256'];
const secretToken = integration.outboundNotificationWebhookSignatureSecretToken;
const messageHash = crypto.createHmac('sha256', secretToken)
    .update(JSON.stringify(normalizedMessage))
    .digest('base64');

if (`sha256=${messageHash}` !== signature) {
    throw new Error("Webhook Validation Failed! Throw this away.");
} else {
    processMessages(normalizedMessage);
}

Webhook retry policy

The Genesys Cloud Messaging platform retries a webhook request up to 5 times if the request times out (10 seconds) or responds with a retryable HTTP status code (429, 5xx).

A full retry sequence with timeouts would take 85 seconds and looks like this:

  1. Initial request (10-second timeout)
  2. 5-second delay
  3. 1st retry (10-second timeout)
  4. 5-second delay
  5. 2nd retry (10-second timeout)
  6. 5-second delay
  7. 3rd retry (10-second timeout)
  8. 5-second delay
  9. 4th retry (10-second timeout)
  10. 5-second delay
  11. 5th retry (10-second timeout)
Genesys Cloud resourcesBeyond TrainingCommunity ForumKnowledge NetworkResource CenterStatus
App FoundryOverviewAvailable AppsContributeStyle Guide
Connect with usGithubTwitterDeveloper ForumDeveloper BlogGenesys BlogDevCast Newsletter
Copyright © 2025 Genesys. All rights reserved.
Terms of Use | Privacy Policy
On this page

Privacy Settings

This site uses cookies and related technologies, as described in our privacy policy, for purposes that may include site operation, analytics, enhanced user experience, or advertising. You may choose to consent to our use of these technologies, or manage your own preferences. Learn more here