Documentation Index
Fetch the complete documentation index at: https://docs.g-tateth.com/llms.txt
Use this file to discover all available pages before exploring further.
Webhooks allow you to receive real-time notifications when events occur in your G-Tateth account.
Overview
Instead of polling the API for changes, webhooks push events to your application in real-time. This is more efficient and provides better user experience.
Creating a Webhook
Create a webhook through the API:
curl -X POST https://api.g-tateth.com/api/v1/webhooks \
-H "Authorization: Bearer sk_live_your_api_key" \
-H "Content-Type: application/json" \
-d '{
"name": "My Webhook",
"url": "https://myapp.com/webhooks/g-tateth",
"events": ["conversation.created", "customer.updated"],
"retryPolicy": {
"maxRetries": 3,
"backoffStrategy": "exponential"
}
}'
Supported Events
Conversation Events
conversation.created - New conversation createdconversation.updated - Conversation updatedconversation.assigned - Conversation assigned to agentconversation.closed - Conversation closed
Customer Events
customer.created - New customer createdcustomer.updated - Customer updated
Message Events
message.sent - Message sentmessage.received - Message received
User Events
user.created - New user createduser.updated - User updated
Call Events
call.initiated - Call has been initiatedcall.ringing - Call is ringingcall.answered - Call has been answeredcall.completed - Call has completedcall.failed - Call failedcall.recording.available - Call recording is available
Webhook Payload
When an event occurs, we’ll send a POST request to your webhook URL:
{
"event": "conversation.created",
"timestamp": "2024-01-01T12:00:00Z",
"data": {
"_id": "...",
"subject": "Customer inquiry",
"status": "open",
"channel": "email",
"customerId": {
"profile": {
"firstName": "John",
"lastName": "Doe",
"email": "john@example.com"
}
}
}
}
Signature Verification
Each webhook request includes an X-Webhook-Signature header for verification. Always verify signatures to ensure requests are from G-Tateth.
JavaScript/Node.js
const crypto = require('crypto');
function verifyWebhook(payload, signature, secret) {
const hash = crypto
.createHmac('sha256', secret)
.update(JSON.stringify(payload))
.digest('hex');
const expectedSignature = `sha256=${hash}`;
return crypto.timingSafeEqual(
Buffer.from(signature),
Buffer.from(expectedSignature)
);
}
// Express.js example
app.post('/webhooks/g-tateth', express.raw({ type: 'application/json' }), (req, res) => {
const signature = req.headers['x-webhook-signature'];
const secret = process.env.WEBHOOK_SECRET;
if (!verifyWebhook(req.body, signature, secret)) {
return res.status(401).send('Invalid signature');
}
const event = JSON.parse(req.body);
// Process event...
res.status(200).send('OK');
});
Python
import hmac
import hashlib
import json
def verify_webhook(payload, signature, secret):
hash = hmac.new(
secret.encode('utf-8'),
json.dumps(payload).encode('utf-8'),
hashlib.sha256
).hexdigest()
expected_signature = f'sha256={hash}'
return hmac.compare_digest(signature, expected_signature)
# Flask example
@app.route('/webhooks/g-tateth', methods=['POST'])
def webhook():
signature = request.headers.get('X-Webhook-Signature')
secret = os.environ.get('WEBHOOK_SECRET')
if not verify_webhook(request.json, signature, secret):
return 'Invalid signature', 401
event = request.json
# Process event...
return 'OK', 200
Retry Policy
Webhooks are automatically retried on failure:
- Max Retries: Configurable (default: 3)
- Backoff Strategy:
linear or exponential (default: exponential)
- Exponential: 2s, 4s, 8s, 16s…
- Linear: 5s, 10s, 15s…
Configuring Retry Policy
{
"name": "My Webhook",
"url": "https://myapp.com/webhooks",
"events": ["conversation.created"],
"retryPolicy": {
"maxRetries": 5,
"backoffStrategy": "exponential"
}
}
Testing Webhooks
Test your webhook endpoint:
curl -X POST https://api.g-tateth.com/api/v1/webhooks/{webhook_id}/test \
-H "Authorization: Bearer sk_live_your_api_key"
Delivery Logs
View webhook delivery history:
curl https://api.g-tateth.com/api/v1/webhooks/{webhook_id}/logs \
-H "Authorization: Bearer sk_live_your_api_key"
Best Practices
1. Always Verify Signatures
Never trust requests without signature verification:
if (!verifyWebhook(payload, signature, secret)) {
return res.status(401).send('Invalid signature');
}
2. Respond Quickly
Return 200 within 5 seconds. Process events asynchronously:
app.post('/webhooks/g-tateth', (req, res) => {
// Acknowledge immediately
res.status(200).send('OK');
// Process asynchronously
processWebhookAsync(req.body);
});
3. Handle Duplicates
Events may be delivered multiple times. Make handlers idempotent:
const processedEvents = new Set();
function handleWebhook(event) {
if (processedEvents.has(event.id)) {
return; // Already processed
}
processEvent(event);
processedEvents.add(event.id);
}
4. Use HTTPS
Webhooks must use HTTPS URLs. HTTP is not supported for security reasons.
5. Idempotency
Make your webhook handlers idempotent - processing the same event multiple times should have the same effect:
async function handleConversationCreated(event) {
const conversationId = event.data._id;
// Check if already processed
const existing = await db.conversations.findOne({ id: conversationId });
if (existing) {
return; // Already processed
}
// Process event
await db.conversations.create(event.data);
}
Troubleshooting
Webhook Not Receiving Events
- Check webhook is active
- Verify URL is accessible (HTTPS required)
- Check delivery logs for errors
- Verify signature verification is working
Webhook Failing
- Check response time (must be < 5 seconds)
- Verify endpoint returns 200 status
- Check server logs for errors
- Review retry policy settings
Resources
