Salesbricks provides webhook support, allowing you to extend its functionality by integrating with external systems, services, or custom workflows. Webhooks enable real-time notifications and data synchronization, enhancing your overall experience with Salesbricks.

Getting Started

To begin working with webhooks, ensure that you configure and enable the specific webhooks you intend to consume. You can do this through the integrations setting UI available here.

Payload Signature

To verify that a payload originated from Salesbricks, a signature will be sent in the X-SALESBRICKS-KEY header. Follow the instructions below to validate the signature.

import hmac
import base64
from hashlib import sha512

def validate_signature(api_token: str, payload: str, header_signature: str):
    """
    :param api_token: Your salesbricks API Token
    :param payload: the request payload as a string, ex: request.get('body')
    :param header_signature: signature received with payload, ex: request.get('X-SALESBRICKS-KEY')
    """
    import hmac
    from hashlib import sha512
    import base64

    hmac_hash = hmac.new(
        api_token.encode("utf-8"), payload.encode("utf-8"), digestmod=sha512
    )
    expected_signature = base64.b64encode(hmac_hash.digest()).decode()
    if header_signature != expected_signature:
        raise Exception("Webhook signature did not match!")
const crypto = require('crypto');

function validateSignature(apiToken, payload, headerSignature) {
  const hmacHash = crypto
    .createHmac('sha512', apiToken)
    .update(payload, 'utf-8')
    .digest('base64');
  const expectedSignature = hmacHash.toString('base64');

  if (headerSignature !== expectedSignature) {
    throw new Error('Webhook signature did not match!');
  }
}

let payload = '{"test": "test_generate_signature"}';
let apiToken = '33a6a6e4-d7ee-4cb3-affb-26535882bf85';
let headerSignature =
  '+QjBChyGVwNThk1PWkrEoyoXNiZ5uzNiIFlMJd8vOi744tmRlcTkNMLpg4+zd7nGWn5DcN7IFnEmAoBlh4rVFA=';

try {
  validateSignature(apiToken, payload, headerSignature);
  console.log('Signature is valid');
} catch (error) {
  console.error(error.message);
}

Ensure to replace the placeholder values (apiToken, payload, headerSignature) with the actual values from your Salesbricks setup.

This signature verification process ensures the integrity and authenticity of webhook payloads received from Salesbricks.