Webhooks
Webhooks send real-time notifications to your systems when events happen in Veribl — like a new registration or product scan.
Access Webhooks
Click Webhooks in the sidebar (under Configuration).
Create a webhook endpoint
- Click New Endpoint
- Enter your endpoint URL — the HTTPS URL that will receive webhook payloads
- Select the events you want to receive
- Click Save
Supported events
| Event | Triggered when |
|---|---|
| consumer.registered | A consumer registers a product |
| consumer.scanned | A consumer scans a product QR code |
| consumer.chat_completed | An AI Support Chat session ends |
| consumer.feedback_submitted | A consumer submits feedback |
| consumer.unsubscribed | A consumer unsubscribes from emails |
Webhook payload
Each webhook delivery sends a JSON payload with:
- event — the event type (e.g.,
consumer.registered) - timestamp — when the event occurred
- data — event-specific data (consumer details, product info, etc.)
Security — HMAC-SHA256 signing
Every webhook delivery includes a signature header for verification. Veribl signs payloads using HMAC-SHA256:
- When you create an endpoint, Veribl generates a signing secret
- Each delivery includes an
X-Veribl-Signatureheader - Verify the signature on your server by computing the HMAC-SHA256 of the payload using your secret
- Reject deliveries with invalid signatures
Tip: Always verify webhook signatures in production to prevent spoofed requests.
Test a webhook
- Open your webhook endpoint
- Click Send Test
- Veribl sends a test payload to your endpoint
- Check the delivery log to see the response
Delivery logs
View the delivery history for each endpoint:
- Click on a webhook endpoint
- Click Deliveries to see all delivery attempts
- Each entry shows: event type, timestamp, response status, and payload
Retry behavior
If your endpoint returns an error (non-2xx status code), Veribl retries the delivery up to 3 times with increasing delays.
Related
- API Keys — generating API keys for direct API access