Docs
Docs
API Reference
Home
Getting started
concepts
Core resources
Webhooks
Payments
Accept a payment
More payment methods
Billing
Subscriptions
Invoices
Owners
Create an owner
Platforms
Getting started
OAuth
Making requests on-behalf of accounts
Handle onboarding
Account branding
Yorlet.js
Powered by GitBook

Webhooks

Listen for new events created by Yorlet a trigger actions.

Webhooks allow you to react to events in real-time instead of polling our API for updates. The webhook endpoint is a URL that can accept a POST request with the event data in JSON format.

Events

You can see the full list of events we send here.

Securing your endpoint

Once your server is configured to receive payloads, it'll listen for any payloads sent to the endpoint you configured. Each webhook endpoint you create will get a secret token Yorlet will use to sign the events. For security reasons, you probably want to verify that the payloads are coming from Yorlet.

Example of a server verifying webhook payload

Node
Node
// This example uses Express to receive webhooks
const express = require('express');
var crypto = require('crypto')
const app = express();
app.use(require('body-parser').raw({ type: '*/*' }));
app.post('/yorlet-webhook', (req, res) => {
  const signature = request.header('X-Yorlet-Signature')
  const hmac = crypto.createHmac('sha256', '{{WEBHOOK_SECRET}}')
  hmac.update(req.body.toString())
  
  if(hmac.digest('base64') !== signature) {
    return res.status(401).send("Signatures didn't match")
  }
  /* Get the JSON data */
  const event = JSON.parse(req.body.toString());
  return res.status(200).send({received: true});
});
app.listen(8000);
Previous
Units
Next - Payments
Accept a payment
Last updated 8 months ago
Contents
Events
Securing your endpoint