Webhook Validation
All URLs are validated through a simple token exchange mechanism so we may trust that you actually control the target server. Note that validation happens right at webhook creation, meaning that we will issue a request to you before successfully registering the webhook. The validation will send a GET
request to your url
with a query string of check=<random_string>
, your webhook server should respond back with the <random_string>
to be validated.
For example:
https://yourwebsite.com/webhooks/?check=example
In the above example URL, you should return a HTTP 200 (HTTP 204 is not accepted, even though that is considered a successful response) along side with the string example
. The string will change with each webhook trigger, so it's necessary to have the same string that was returned to our server for validation.
Timed out Timer
When processing webhooks, please make sure that HTTP 200 is sent immediately, as the request will time out in 10 seconds.
Automatic validation
If you use Zapier webhooks instead of your own backend's, validation will be automatic.
Serverless
In the case that you do not have a server of your own, i.e. using another 3rd party platform, we recommend using services such as AWS Lambda functions. They can return the validation requirements back to our server, and redirect the payload further downstream to your integration platform.