Webhooks Overview
Webhooks allow you to receive real-time notifications when events occur in your Esca account. When an event happens, we'll send an HTTP POST request to your configured webhook URL with details about the event.
How Webhooks Work
- You register a webhook endpoint URL in your dashboard
- You select which events you want to receive
- When an event occurs, we send an HTTP POST request to your URL
- Your server processes the event and returns a 2xx response
Setting Up Webhooks
Via Dashboard
- Log in to your Esca Dashboard
- Click Developer in the sidebar
- Go to the Webhooks tab
- Click Add Endpoint
- Enter your webhook URL (must be HTTPS in production)
- Select the events you want to subscribe to
- Save your endpoint
Webhook Secret
When you create a webhook endpoint, you'll receive a signing secret in the format:
whsec_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Store this secret securely - it's only shown once and is required to verify webhook signatures.
Webhook Headers
Each webhook request includes the following headers:
| Header | Description |
|---|---|
Content-Type |
application/json |
User-Agent |
Esca-Webhooks/1.0 |
X-Esca-Webhook-Signature |
HMAC signature for verification |
X-Esca-Webhook-Id |
Unique event ID (same as payload id) |
X-Esca-Webhook-Timestamp |
Unix timestamp of the request |
Payload Format
All webhook payloads follow this structure:
{
"id": "evt_550e8400-e29b-41d4-a716-446655440000",
"type": "transfer.completed",
"data": {
// Event-specific data
},
"createdAt": "2026-01-18T10:30:05.000Z"
}
Payload Fields
| Field | Type | Description |
|---|---|---|
id |
string | Unique event identifier (use for idempotency) |
type |
string | Event type |
data |
object | Event-specific data |
createdAt |
string | Event timestamp (ISO 8601) |