Webhooks
We can send notifications about the progress of certain async processes to a URL of your choice. You can configure the webhook URL in the Heron dashboard.
This is an example structure of our webhooks:
Where:
topicis the topic of this webhook in the format<resource>.<event>. Currently we support webhooks for the following topics:end_user.processed, triggered when asynchronous automated processing of an end user has finished. Processing is started after the EndUser status is set to "ready".end_user.reviewed, triggered when an underwriter / Heron has manually reviewed a company and set the EndUser status to "reviewed"end_user.transactions_updated, triggered within 10 minutes of the last change on transactions for a given end user (e.g. after feedback on category).
createdis the UTC datetime when the webhook was sent, in ISO format.datacontains the data of the resource which relates to this event.meta(optional) contains further information about the event.
Verification#
We send a Heron-Signature header in every webhook request. This header is a
base64-encoded HMAC SHA256 digest of your shared secret and the webhook's
payload.
To verify the webhook was sent by us, calculate the digital signature using the
same algorithm and compare it to the Heron-Signature header.
Here is an example of how to calculate the signature in Python:
And in JavaScript (Node):