Endpoints to allow you to create and manage webhooks that will be called when a special event occurs. On this special event Verifiable will attempt to make an HTTP POST to the URL specified in the webhook. The payload of this request can vary, depending on the type. The type is included in the X-WebhookType header. This allows you to register multiple webhooks on the same endpoint and still be able to distinguish the webhook types. The webhook dispatcher expects the remote server to return an HTTP success status code. If it cannot be delivered, it will retry the callback a maximum of 10 times with a 30 second interval.

By default we do not allow you to use insecure URLs for callbacks. You can optionally create a webhook that allows insecure URLs for testing purposes. We recommend you to use an HTTPS callback with a valid SSL certificate so that the integrity of the callback is ensured. For added security we will pass the webhook id (which is only known to the creator) in the X-WebhookId header and we will pass an optional secret in the X-Secret header.

To be able to uniquely track webhook messages we also include the X-TraceId header. This will contain a unique value that doesn't change for every attempt we make to send a specific message. You can use this to keep a log of all messages that you have successfully processed.

You can refer to Webhook Callbacks to find the model that is included in the payload of the HTTP request to the callback URL.