Webhooks
Webhooks
23 eventsReal-time event notifications from Tracktile. Receive instant updates when orders change, shipments move, or inventory shifts.
Quick Start
Section titled “Quick Start”Event Catalog
Browse all available webhook events
Security
Verify webhook signatures and secure your endpoints
How Webhooks Work
Section titled “How Webhooks Work”- You register a webhook URL in Tracktile
- Tracktile generates a unique signing secret for your webhook
- When an event occurs, Tracktile sends a signed HTTP POST to your URL
- Your server verifies the signature and processes the event
All webhook payloads are signed with HMAC-SHA256. See Webhook Security for verification details.
Setting Up Webhooks
Section titled “Setting Up Webhooks”Via API
Section titled “Via API”curl -X POST "https://api.tracktile.io/hooks" \ -H "Authorization: Bearer api-YOUR_TOKEN_HERE" \ -H "Content-Type: application/json" \ -d '{ "name": "My Webhook", "url": "https://your-server.com/webhook", "on": "order.status.changed" }'The response includes a secret field—save it immediately as it’s only shown once. You’ll need this secret to verify webhook signatures.
Via CLI
Section titled “Via CLI”tt webhooks register \ --name="My Webhook" \ --on="order.status.changed" \ --url="https://your-server.com/webhook"Via the Tracktile App
Section titled “Via the Tracktile App”- Navigate to Admin > Settings > Webhooks
- Click Create Webhook
- Enter the webhook name, URL, and select the event type
Managing Webhooks
Section titled “Managing Webhooks”List Webhooks
Section titled “List Webhooks”curl "https://api.tracktile.io/hooks" \ -H "Authorization: Bearer api-YOUR_TOKEN_HERE"Update a Webhook
Section titled “Update a Webhook”curl -X PUT "https://api.tracktile.io/hooks/{id}" \ -H "Authorization: Bearer api-YOUR_TOKEN_HERE" \ -H "Content-Type: application/json" \ -d '{ "name": "Updated Webhook", "status": "paused" }'Delete a Webhook
Section titled “Delete a Webhook”curl -X DELETE "https://api.tracktile.io/hooks/{id}" \ -H "Authorization: Bearer api-YOUR_TOKEN_HERE"Rotate a Webhook Secret
Section titled “Rotate a Webhook Secret”If your webhook secret is compromised, rotate it immediately:
curl -X POST "https://api.tracktile.io/hooks/{id}/rotate" \ -H "Authorization: Bearer api-YOUR_TOKEN_HERE"The old secret is immediately invalidated. Save the new secret from the response.
Webhook Payload Structure
Section titled “Webhook Payload Structure”All webhook payloads are sent as JSON with event-specific data:
{ "id": "evt_abc123", "kind": "order.status.changed", "time": "2024-01-15T10:30:00Z", "transactionId": "txn_xyz789", "orderId": "ord_456", "previousOrderStatus": "pending", "currentOrderStatus": "confirmed"}The payload structure varies by event type. See the Event Catalog for details on each event.
Testing Webhooks
Section titled “Testing Webhooks”Use the test endpoint to verify your webhook is configured correctly:
curl -X POST "https://api.tracktile.io/hooks/{id}/test" \ -H "Authorization: Bearer api-YOUR_TOKEN_HERE"This sends a test event to your webhook URL.
Webhook Status
Section titled “Webhook Status”Webhooks can have the following statuses:
Status Values
active Webhook is enabled and receiving events
paused Webhook is disabled and not receiving events
Execution History
Section titled “Execution History”View recent webhook executions:
curl "https://api.tracktile.io/hooks/{id}/executions" \ -H "Authorization: Bearer api-YOUR_TOKEN_HERE"Returns the execution history including HTTP status codes and response details.
Event Types
Section titled “Event Types”See the Event Catalog for all available event types.