Dev Portal
🔔 Webhooks
Configure webhook endpoints to receive live event notifications from AppVerse.
Add Webhook Endpoint
Webhooks allow your app to react instantly to AppVerse events such as user signups, app deployments, or billing updates.
https://yourapp.com/webhooks
Status: Active
Example Event Payload
When an event occurs (for example, when a new user is created), AppVerse sends a signed POST request to your webhook URL:
POST /webhooks
Headers:
x-appverse-signature: t=1731234567,v1=abc123...
Body:
{
"event": "user.created",
"data": {
"id": "usr_12345",
"email": "user@appverse.tech"
}
}Signature Verification
Each webhook request includes an x-appverse-signature header. Use this signature to verify that the request genuinely comes from AppVerse.
const crypto = require("crypto");
const signature = req.headers["x-appverse-signature"];
const payload = JSON.stringify(req.body);
const secret = process.env.WEBHOOK_SECRET;
const expected = crypto
.createHmac("sha256", secret)
.update(payload)
.digest("hex");
if (signature !== expected) {
return res.status(401).send("Invalid signature");
}⚠️ Security Best Practices
- Always verify signatures before trusting the payload.
- Use HTTPS and secret keys unique to each environment.
- Respond with
2xxstatus codes to acknowledge receipt. - Retry handling logic should be idempotent (safe to re-run).