Webhooks
Webhooks provide a powerful way to receive real-time notifications of events in your system.
Overview
When certain events occur, our API will send an HTTP POST request to the specified URL, delivering a payload with event details. This enables you to automate reactions or synchronize data without the need for polling.
Events
Here are the currently supported events you can subscribe to:
pud:status_update
Status changes on a PUD
pud:price_update
Price changes on a PUD
Company API token
The URL to send the webhook to
https://example.com/webhook
A secret to sign the webhook with
supersecret
POST /api/v3/webhooks HTTP/1.1
Host:
x-api-token: text
Content-Type: application/json
Accept: */*
Content-Length: 125
{
"callbackUrl": "https://example.com/webhook",
"enabledEvents": [
"pud:status_update",
"pud:price_update"
],
"secret": "supersecret"
}
{
"id": "60f8c3b3c4e5c3001f5b5c3e",
"callbackUrl": "https://example.com/webhook",
"enabledEvents": [
"pud:status_update",
"pud:price_update"
],
"createdAt": "2021-07-22T15:00:35.000Z",
"updatedAt": "2021-07-22T15:00:35.000Z"
}
Webhook id
Company API token
GET /api/v3/webhooks/{id} HTTP/1.1
Host:
x-api-token: text
Accept: */*
{
"id": "60f8c3b3c4e5c3001f5b5c3e",
"callbackUrl": "https://example.com/webhook",
"enabledEvents": [
"pud:status_update",
"pud:price_update"
],
"createdAt": "2021-07-22T15:00:35.000Z",
"updatedAt": "2021-07-22T15:00:35.000Z"
}
Company API token
GET /api/v3/webhooks HTTP/1.1
Host:
x-api-token: text
Accept: */*
[
{
"id": "60f8c3b3c4e5c3001f5b5c3e",
"callbackUrl": "https://example.com/webhook",
"enabledEvents": [
"pud:status_update",
"pud:price_update"
],
"createdAt": "2021-07-22T15:00:35.000Z",
"updatedAt": "2021-07-22T15:00:35.000Z"
}
]
Webhook id
Company API token
The URL to send the webhook to
https://example.com/webhook
PATCH /api/v3/webhooks/{id} HTTP/1.1
Host:
x-api-token: text
Content-Type: application/json
Accept: */*
Content-Length: 102
{
"callbackUrl": "https://example.com/webhook",
"enabledEvents": [
"pud:status_update",
"pud:price_update"
]
}
{
"id": "60f8c3b3c4e5c3001f5b5c3e",
"callbackUrl": "https://example.com/webhook",
"enabledEvents": [
"pud:status_update",
"pud:price_update"
],
"createdAt": "2021-07-22T15:00:35.000Z",
"updatedAt": "2021-07-22T15:00:35.000Z"
}
Webhook payloads
When an event occurs, we'll send a POST request to the callback_url. The data object will depend on the eventType. See the payload data examples below.
Headers
X-Hub-Signature-256
sha256=<signature>
Body
id
string
Id of event
eventType
string
Type of event
timestamp
Date
Date and time of event
data
object
Payload data (see below)
Validating webhook deliveries
If you provided a secret when creating a webhook, Gire will use it, along with the payload, to create a hash signature that is sent in the X-Hub-Signature-256
header. You can use this to verify the integrity and authenticity of the webhook payload.
Example validation
Receive payload and signature: Your server gets the payload and the
X-Hub-Signature-256
header.Generate signature: Use HMAC SHA-256 with the secret and the raw payload to compute a hash.
Compare signature: Compare your computed hash with the signature received in the header. If they match, the payload is verified and authentic.
Last updated