Webhooks
HTTP Requests
Every webhook request we send to partners has the following characteristics.
HTTP Protocol
All webhook requests can only be sent to HTTPS endpoints with an official and valid TLS certificate.
HTTP Method
All webhook requests are sent as POST HTTP requests.
Headers
Expect the following headers to be sent with every Webhook request.
| Name | Description |
|---|---|
Content-Type | application/json |
User-Agent | SelfmadeEnergy-Webhook/v2 |
X-SME-API-Version | API schema version used for this Webhook request – currently always v2 |
X-SME-Webhook-Event | Type of event, e.g. lead.created – see event reference |
X-SME-Webhook-Subscription | Internal identifier for the partner ↔︎ event relationship |
X-SME-Webhook-Signature | An HMAC hash of the request body created using the partner's secret as the key and SHA256 as the hashing algorithm – see here for details |
X-SME-Webhook-Delivery | Unique identifier for the delivery of this webhook request |
Body
{
"api_version": "v2",
"event": "lead.created",
"payload": {
// see below
}
}
For the structure of the payload please refer to the Payload reference.
Server Response
To indicate a successful handling of the webhook your endpoint is expected to return a response with an HTTP 2xx status code. If it does not, the delivery is considered a failure. In that case our server will retry to deliver the webhook request up to five times with increasing intervals.