The guide mandates that you validate the X-APTRA-Signature header on every incoming webhook. The signature is an HMAC-SHA256 of the raw payload, using your tenant secret as the key.
The authorization response. It contains the approval/decline code, screen messages for the consumer, and specific hardware instructions (e.g., "Dispense 2 bills from Cassette 1"). Anatomy of an NDC Message Buffer A standard message packet contains: Header: Communication routing info. aptra advance ndc developer-s guide