Webhooks

Selly provides a webhooks system allowing you to subscribe to to events with Webhook Endpoints, alongside Product/Payment Order status webhooks and Dynamic Product webhooks.


Events

Each webhook request will feature a X-Selly-Event header containing the webhook event type. A list of supported events from Webhook Endpoints can be found below.

  • Name
    feedback:created
    Type
    Description

    When a feedback is initially created.

  • Name
    feedback:updated
    Type
    Description

    Each time a feedback is updated.

  • Name
    order:created
    Type
    Description

    When an order is initially created.

  • Name
    order:updated
    Type
    Description

    Each time an order is updated.

  • Name
    order:paid
    Type
    Description

    When the order has been marked as completed.

  • Name
    product:out_of_stock
    Type
    Description

    When a product has ran out of stock.

  • Name
    query:created
    Type
    Description

    When a query is initially created

  • Name
    query:replied
    Type
    Description

    When a query has received a new reply.


Signing/Validating

To verify the authenticity of a webhook request and its payload, each webhook request includes a X-Selly-Signature header with a HMAC signature comprised of the JSON encoded request body and your webhook secret. Your webhook secret can be changed in your settings page.

Validating Signed Webhook Signature

require 'openssl'
require 'active_support'
secret = 'your webhook secret'
signature = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha512'), secret, payload.to_json)
is_valid_signature = ActiveSupport::SecurityUtils.secure_compare(request.headers['X-Selly-Signature'], signature)
if is_valid_signature
    # Webhook is valid
end