Before your webhook URL can start receiving event notifications, we first need to validate that you own that URL. We do this by sending a request to your URL and checking the response we receive. If the URL for your webhook ever changes or your webhook is disabled, it will need to go through this validation process again in order to continue receiving event notifications. This validation process is a required step in setting up your webhook and your webhook will not be activated until this validation is complete.
The Validation Process
After adding your webhook, its status will be set to Pending Security Check
Sending The Request
Now that the security check is pending, you will need to send the request for validation. This is a two-step process where you will:
-
Click on the Validate Webhook URL link, then you will see a popup with information about validating your webhook URL. The popup will contain your signing secret, which can be used to confirm the validation request came from Loopio, and actions to send the validation request.
- If you are ready to receive the validation request, click on Validate, otherwise, click on Not Now to validate at a later time. The validation request should be sent after completing the required setup outlined in this document.
Tip: This can be found under the Integration tab on the Admin page.
Once The Request Has Been Received
We will send an application/json
POST request to your webhook URL with a payload resembling this:
{
"challenge": "5e27233bdb7dc16ae84abe9208a04232380afb3345ef83841fd11a8321eb56f58d6f928574453111b21f2d3197e0e1b6028360b2",
"type": "url_verification"
}
We expect to receive the challenge attribute’s value in your response. Once you have received the request, you can verify it came from us by using your signing secret and following the steps outlined in our article: How Do I Use My Signing Secret? Respond with a HTTP 200 status and the challenge
attribute’s value from our request with the application/json
content-type:
HTTP 200 OK
Content-type: application/json
{
“challenge”: “5e27233bdb7dc16ae84abe9208a04232380afb3345ef83841fd11a8321eb56f58d6f928574453111b21f2d3197e0e1b6028360b2
”}
When we receive the correct challenge value, you’ll see the status of your webhook change from Pending Security Check to Active and your webhook can now start receiving notifications for its subscribed events.