Webhooks

Webhooks are HTTP callbacks which can be used to send notifications when data in Print.one is changed, allowing external systems to react to changes in this data. An example would be update a CRM or send a notification to other third-party software.

Overview

Triggers and payloads

The different types of triggers Print.one's system sends are found on our API documentation. Each event will also show a preview of the data which you can expect when the specific webhook was triggered.

Timeouts

Webhook requests will timeout if the recipient server does not respond within a maximum of 30 seconds. A webhook request that times out will be considered failed. Therefore we recommend to process webhook requests asynchronously.

Local testing

For local testing we recommend using httpdump.app to inspect webhook emissions or ngrok to build webhook consumers on your development machine.

Configuring a webhook

In the sidebar navigation open Integrate → Webhooks. Click Create webhook, configure the webhook and save the configuration.

Triggers

You will be able to configure your webhook to subscribe to multiple events. Doing so will trigger the webhook configuration if any of those triggers are detected in our system.

Headers

By default, all webhooks come contain the following headers

Header name

Value

x-printone-event

trigger-type

x-printone-hmac-sha256

Webhook signature, used to validate the request

content-type

application/json

user-agent

Print.one Webhook Service

Disabling a webhook

Sometimes you may need to disable a webhook. You might be doing maintenance to the server receiving webhooks or you might have different issues.

From within the configuration you can mark the webhook as non-active. By disabling the Active-checkbox, the system will no longer send webhook events to the remote server.

Request verification

How does webhook request verification work?

On your webhook overview page you will find your webhook secret. This secret is used to generate a signature of the request body. When a consuming service receives a request, it can compute the same signature with the shared secret to validate the origin of the request. Because of this validation, it is important not to share your secret with any third party.

Verifying requests on backend

When attempting to validate incoming requests our javascript-library can be used to do so. Or - you can replicate the same logic in any other programming language.