Webhooks
Receive real-time notifications when events occur in Vavolta.
Overview
Webhooks allow you to receive real-time notifications when events occur in your Vavolta account. When an event happens, we send an HTTP POST request to your configured endpoint.
Events
| Event | Description |
|---|---|
link.created | A new access link was created |
link.accessed | Someone viewed a lead magnet |
form.submitted | A form submission occurred (Public Form) |
session.ended | A viewing session ended |
Creating a Webhook
Via Dashboard
- Go to Settings > Developer
- Click Create Webhook
- Enter your endpoint URL
- Select the events you want to receive
- Click Create
Via API
POST/api/v1/webhooks
cURL CommandN8N Ready
Payload Structure
All webhook payloads follow this structure:
json
Signature Verification
All webhook requests include a signature in the X-Webhook-Signature header. Verify this signature to ensure the request came from Vavolta.
Verification Steps
- Get the raw request body
- Get the signature from the header
- Compute HMAC-SHA256 of the body using your webhook secret
- Compare signatures using timing-safe comparison
JavaScript Example
javascript
Always verify webhook signatures in production to prevent spoofed requests.
Retry Policy
If your endpoint returns a non-2xx status code, we'll retry the webhook:
- 1st retry: After 1 minute
- 2nd retry: After 5 minutes
- 3rd retry: After 30 minutes
- 4th retry: After 2 hours
- 5th retry: After 24 hours
After 5 failed attempts, the webhook will be marked as failed.
Testing Webhooks
Use the Test button in the webhook settings to send a test payload to your endpoint. This helps verify your integration is working correctly.
Managing Webhooks
List Webhooks
GET/api/v1/webhooks
Update Webhook
PATCH/api/v1/webhooks/{id}
Delete Webhook
DELETE/api/v1/webhooks/{id}
Rotate Secret
POST/api/v1/webhooks/{id}/rotate-secret
Rotate your webhook secret periodically for better security.