Listen for new events created by Yorlet a trigger actions.

Webhooks allow you to react to events in real-time instead of polling our API for updates. The webhook endpoint is a URL that can accept a POST request with the event data in JSON format.


You can see the full list of events we send here.

Securing your endpoint

Once your server is configured to receive payloads, it'll listen for any payloads sent to the endpoint you configured. Each webhook endpoint you create will get a secret token Yorlet will use to sign the events. For security reasons, you probably want to verify that the payloads are coming from Yorlet.

Example of a server verifying webhook payload

// This example uses Express to receive webhooks
const express = require('express');
var crypto = require('crypto')
const app = express();
app.use(require('body-parser').raw({ type: '*/*' }));
app.post('/yorlet-webhook', (req, res) => {
const signature = request.header('X-Yorlet-Signature')
const hmac = crypto.createHmac('sha256', '{{WEBHOOK_SECRET}}')
if(hmac.digest('base64') !== signature) {
return res.status(401).send("Signatures didn't match")
/* Get the JSON data */
const event = JSON.parse(req.body.toString());
return res.status(200).send({received: true});