Articles on: Others

Learn More About AfterShip Tracking Webhooks

Plans: Pro, Premium, Enterprise Platforms: All Platforms

Overview

Webhooks act as a gateway to receive raw data at a particular destination that you define. Webhook is used to ask AfterShip to push back any updates to your system. This is used when the store wants to send out notifications by themselves or receive the latest delivery status / checkpoint. Users can select when to ask AfterShip pushes back delivery updates when using webhook.

What you'll learn

In this article, we will discuss:

How to setup webhook
How to secure webhooks

How to setup webhook

Log into your AfterShip Tracking admin dashboard
Go to notification settings
Add webhook URL (up to 10).
Select Events to start receiving updates.

AfterShip verifies the webhook by sending a POST request to the provided URL. The webhook would be added successfully upon responding 200 HTTP status code.

How to secure webhooks

Webhooks(v4.3 or above) includes a calculated digital signature for verification. Each webhook request includes a aftership-hmac-sha256 header. The signature is a base64-encoded HMAC generated using sha256 algorithm with webhook request body and webhook secret of your account.

Each webhook request could be verified by comparing the computed HMAC digest and the attached HMAC digest in header.

The following Node.JS example demonstrates the computation of a webhook signature.

const crypto = require('crypto');
const WEBHOOK_SECRET = "....."; // your webhook secret

function generateSignature(requestBodyString) {
    return crypto
        .createHmac('sha256', WEBHOOK_SECRET)
        .update(requestBodyString, 'utf8', 'hex')
        .digest('base64');
}

Please note that webhook secret can be obtained by going to Settings > Notifications

In case you need any further assistance, please contact our support team.

Updated on: 27/12/2023