# Webhooks
Webhooks allow you to notify external services when certain events occur in Invoiless.
# Security
To validate the signature you received from Invoiless, you can generate the signature using your secret and compare it with the signature you received in the request.
- Using the HMAC SHA-256 algorithm, create a hash of the entire received payload as binary.
- Encode the binary hash in base64 format.
- Add prefix
sha256=to the binary hash. - Compare the created value with the signature you received in the
invoiless-signatureheader from Invoiless.
# Payload
The body of the webhook will be in JSON format:
{
"type": "EventType",
"data": {
// ...
}
}
# Notes
- To confirm receipt of a webhook event, your server endpoint should return a 200 OK HTTP status code. Any other HTTP response code will be treated as a failure.
- Invoiless waits for a maximum of 10 seconds for your server to respond to the HTTP POST request.
# Event Types
You can configure your webhook to be triggered by the following events:
| Event | Description |
|---|---|
| InvoiceCreated | An invoice was created |
| InvoiceUpdated | An invoice was updated |
| InvoicePaid | An invoice was paid |
| InvoiceDeleted | An invoice was deleted |
| EstimateAccepted | An estimate was accepted |