Example: Generic HMAC Webhook
Overview
Use the generic provider when another service emits events and you can compute your own HMAC signature. Syllecta validates the signature, dedupes the event, and forwards the normalized payload to your callback just like the built-in adapters.
Configure
- In Backoffice → Webhook settings, create a "Generic" provider entry and store the shared secret.
- Point the external service to https://cloud.syllecta.example/v1/webhooks/generic (or the slug-based URL).
- When sending the event, set header
X-Syllecta-Signature: t=<timestamp>,v1=<hex>, wherehexisHMAC_SHA256(secret,.${timestamp}.${rawBody})
Sample Payload
bash
POST /v1/webhooks/generic X-Syllecta-Signature: t=1692059,v1=3f5f0f... Content-Type: application/json { "id": "evt_generic_1", "type": "invoice.updated", "data": { "invoiceId": "inv_42", "status": "paid" } }
Syllecta responds with:
json
{ "ok": true }
If the same id arrives again within the dedupe window, you’ll see:
json
{ "ok": true, "cached": true }
and your callback is not called twice.
Callback Example
Before the code executes, Syllecta has already normalized the payload and verified the signature. All you need to do is react to the type field.
ts
app.post("/webhooks/syllecta", express.json(), async (req, res) => { const event = req.body; if (event.type === "invoice.updated") { await billing.syncInvoice(event.data.invoiceId); } res.json({ received: true }); });
This pattern works for any provider that can generate HMAC headers, so you can bring internal services or niche vendors into Syllecta without writing custom middleware.