Can you call a webhook instead of having front-end receive the on transaction complete?
Two issues:
Malicious users can just manually call whatever we do with the result of this function.
When users have multiple panels open, this gets called multiple times
Blockquote
window.Twitch.ext.bits.onTransactionComplete(closure)
Blockquote
Dist
November 11, 2020, 4:54pm
2
There is a webhook topic for transactions https://dev.twitch.tv/docs/api/webhooks-reference#topic-extension-transaction-created
Which is why transaction receipts are signed, and any action your EBS takes should verify that signature to prevent malicious users from faking a transaction.
1 Like
@CVS-Gaming Thanks @Dist ! That’s correct, please ensure transaction receipts are validated using your extensions shared secret.