This page will help you get started with our webhooks.
externalOrder
field is not available in the alert.created
event.
Please use the alert.updated
event if you require this field.svix-signature
. The value in this header is an HMAC-SHA256 encoded string using the payload of the request with the webhook secret as key.
In order to authenticate the request, you perform a HMAC-SHA256 encoding using a concat of webhook request body, svix_timestamp
and svix_id
and your webhook secret (whsec_xxxxxxxxxxxx) and ensure these strings match. Then input string to SHA256 HMAC will look like:
signedContent = "${svix_id}.${svix_timestamp}.${body}"
This is a common method for ensuring that the webhook messages you receive in your server are from a trusted source and haven’t been tampered with.
bm9ldHUjKzFob2VudXRob2VodWUzMjRvdWVvdW9ldQo=
.
alert.created
: transmitted when an alert is first created.alert.updated
: transmitted when an alert’s status is updated. Use this if you require externalOrder
the field.alert.refunded
: transmitted when an alert triggers a transaction to be refunded.