# Notification URL Verification To ensure endpoint availability, Aurinko performs a validation handshake when a subscription is created.
1. **The Verification Request**\ When you call the POST `/v1/subscriptions` endpoint, Aurinko immediately sends a POST request to your provided notificationUrl. \ \ **Request Details:** * **Method:** POST * **Query Parameter:** validationToken (a random string generated by Aurinko) \ **Example Request:** ``` Content-Type: text/plain; charset=utf-8 POST https://{notificationUrl}?validationToken={challenge} ``` 2. **Your Server’s Response**\ Verify request see Authentication. Your endpoint must respond to this POST request to prove it is active and authorized to receive notifications. * **Status Code:** 200 OK * **Content-Type:** text/plain * **Response Body:** Must contain only the value of the [validationToken](#user-content-fn-1)[^1] parameter received in the request.\ \ **Example Response:** ``` HTTP/1.1 200 OK Content-Type: text/plain 679732f7-8775-4340-a33d-713217277682 ``` 3. **Critical Requirements** * **Timeout:** Your server must respond within 30 seconds. If the request times out or returns an error (e.g., 4xx or 5xx), the subscription creation will fail. * **Plain Text:** Ensure your framework does not wrap the token in JSON or HTML. It must be a raw string response.\ \ **Subscription Workflow Summary** 1. **Register:** Your app calls POST `/v1/subscriptions`. 2. **Verify:** Aurinko calls your URL via POST with a validationToken. 3. **Confirm:** Your server returns the token. 4. **Activate:** Aurinko returns a 200 Success to your original registration call and begins sending POST notifications. [^1]: