Webhooks
In the Lochting software, webhooks are automated notifications that send real-time event data to an external URL when something changes on the platform.
How it works
When a webhook is triggered, the platform sends a POST request to the URL you
configured. The request body is a JSON payload with data relevant to the event.
Example payload:
{
"id": "order-76db8ac0-2d3a-45fc-956a-da4525361492",
"webhookId": "webhook-be3768e4-8caf-43b6-bb66-32c8cb00cede",
"webhookType": "orderStatusWasUpdated",
"on": "2020-02-25 10:20:30"
}
The on field in webhook payloads uses a space-separated datetime string. Other
API date-time fields use ISO 8601 UTC strings (for example
2020-02-25T10:20:30+00:00).
Managing webhooks
Through the API you can create, list,
delete, and test webhooks. Your API
key must include the webhooks scope.
Use the Test Webhook endpoint during development to verify your endpoint receives and handles payloads correctly.
Security
For increased security, configure an optional secret per webhook. When set, the
secret is sent with every call in the X-Webhook-Secret request header. Verify
this header in your handler to ensure the request originated from Lochting.