# Webhooks

Webhooks allow you to notify external services when certain events occur in Invoiless.

# Security

To validate the signature you received from Invoiless, you can generate the signature using your secret and compare it with the signature you received in the request.

  1. Using the HMAC SHA-256 algorithm, create a hash of the entire received payload as binary.
  2. Encode the binary hash in base64 format.
  3. Add prefix sha256= to the binary hash.
  4. Compare the created value with the signature you received in the invoiless-signature header from Invoiless.

# Payload

The body of the webhook will be in JSON format:

  "type": "EventType",
  "data": {
    // ...

# Notes

  • To confirm receipt of a webhook event, your server endpoint should return a 200 OK HTTP status code. Any other HTTP response code will be treated as a failure.
  • Invoiless waits for a maximum of 10 seconds for your server to respond to the HTTP POST request.

# Event Types

You can configure your webhook to be triggered by the following events:

Event Description
InvoiceCreated An invoice was created
InvoiceUpdated An invoice was updated
InvoicePaid An invoice was paid
InvoiceDeleted An invoice was deleted
EstimateAccepted An estimate was accepted