Implementation Options
To integrate HMAC validation, you can either leverage the official Nayax SDK or implement the logic manually in your preferred language.
These are the two options for implementation:
Nayax SDK (C# Developers)
C# developers can use the SDK.Api.Contracts library, which includes built-in HMAC validation functionality.
These are the steps:
- Install the library: Run
Install-Package SDK.Api.Contracts. - Use the HMAC Service: Utilize the
HmacServiceclass, which handles all HMAC calculation and validation logic automatically.
Custom Implementation (Non-C# Developers)
If you are not using C#, you should replicate the logic found in the Nayax SDK:
- Reference Library:
SDK.Api.Contracts - Reference Class:
HmacService - Key Functions:
CalculateHmac()andValidateHmac()
Security Best Practices
To keep your HMAC secret and webhook integration secure, follow these guidelines:
| DO | DON'T |
|---|---|
| Store in environment variables | Hardcode in the source code |
| Use secrets management (Azure Key Vault, AWS Secrets Manager) | Commit to version control |
| Restrict access to production keys | Share via email or chat |
| Always validate HMAC before processing notifications | Log keys in error messages |
Updated about 2 hours ago