Muhtasari
Ukisanidi webhooks, wakati matukio kama kutuma, kufungua, au kubofya barua pepe yanapotokea, ombi la HTTP POST litatumwa kwa URL uliyobainisha.
Webhooks zinaweza kusanidiwa katika Dashibodi > Webhooks.
Aina za matukio
| Event | Description |
|---|---|
email.sent |
Barua pepe inapotumwa |
email.delivered |
Barua pepe inapofikishwa kwa mpokeaji |
email.opened |
Mpokeaji anapofungua barua pepe |
email.clicked |
Mpokeaji anapobofya kiungo kwenye barua pepe |
email.bounced |
Barua pepe inapodunda |
email.complained |
Mpokeaji anaporipoti kama barua taka |
subscriber.created |
Msajiliwa mpya anapoongezwa |
subscriber.unsubscribed |
Msajiliwa anapojitoa |
campaign.sent |
Utumaji wa kampeni unapoanza |
campaign.completed |
Utumaji wa kampeni unapokamilika |
Muundo wa payload
Maombi yote ya webhook yanajumuisha payload ya JSON katika muundo ufuatao:
{
"event": "email.opened",
"timestamp": "2026-01-10T12:00:00+00:00",
"data": {
"campaign_id": 123,
"campaign_uuid": "abc-123...",
"campaign_name": "January Newsletter",
"subscriber_id": 456,
"subscriber_uuid": "def-456...",
"subscriber_email": "user@example.com",
"ip_address": "1.2.3.4",
"user_agent": "Mozilla/5.0...",
"occurred_at": "2026-01-10T12:00:00+00:00"
}
}Vichwa vya ombi
| Header | Description |
|---|---|
Content-Type |
application/json |
X-Webhook-ID |
UUID ya webhook |
X-Webhook-Event |
Aina ya tukio (mfano: email.opened) |
X-Webhook-Signature |
Saini ya HMAC-SHA256 |
Uthibitishaji wa saini
Thibitisha kichwa cha X-Webhook-Signature kuthibitisha uhalisi wa ombi la webhook. Saini ni hash ya HMAC-SHA256 ikitumia siri ya webhook na mwili wa ombi.
Mfano wa PHP
<?php
$payload = file_get_contents('php://input');
$signature = $_SERVER['HTTP_X_WEBHOOK_SIGNATURE'];
$secret = 'your_webhook_secret';
$expected = 'sha256=' . hash_hmac('sha256', $payload, $secret);
if (!hash_equals($expected, $signature)) {
http_response_code(401);
die('Invalid signature');
}
$data = json_decode($payload, true);
// Process the event...Mfano wa Node.js
const crypto = require('crypto');
function verifySignature(payload, signature, secret) {
const expected = 'sha256=' + crypto
.createHmac('sha256', secret)
.update(payload)
.digest('hex');
return crypto.timingSafeEqual(
Buffer.from(expected),
Buffer.from(signature)
);
}
// Express.js example
app.post('/webhook', (req, res) => {
const signature = req.headers['x-webhook-signature'];
const payload = JSON.stringify(req.body);
if (!verifySignature(payload, signature, 'your_secret')) {
return res.status(401).send('Invalid signature');
}
// Process the event...
res.status(200).send('OK');
});Sera ya kujaribu tena
- • Ikiwa utumaji wa webhook unashindikana (majibu yasiyo 2xx), haijaribiwa tena kiotomatiki.
- • Baada ya kushindikana mfululizo mara 5, webhook inazimwa kiotomatiki.
- • Webhooks zilizozimwa zinaweza kuwashwa tena kwenye dashibodi.
- • Muda wa majibu lazima uwe ndani ya sekunde 10.
Mazoea bora
- • Daima thibitisha saini kuthibitisha uhalisi wa ombi.
- • Sindika webhooks haraka iwezekanavyo (ndani ya sekunde 5).
- • Weka kazi ndefu kwenye foleni na urudishe 200 OK mara moja.
- • Tumia vituo vya HTTPS kutuma data kwa usalama.