Getting Started

OverviewQuickstartArchitecture

API Reference

Idempotent RecordsWebhooksAuth / Keys

SDK

InstallUsage

Guides

IdempotencyWebhook GatewayWebhook ConfigurationObservability DashboardChargeback SimulationOnboarding FlowBackoffice Overview

Examples

PaymentsStripePayPal / BraintreeGeneric HMACShopifyGitHub

Example: Shopify Webhook

Overview

Shopify sends HMAC-SHA256 signatures in the X-Shopify-Hmac-Sha256 header. Syllecta validates the signature with the secret you configure and forwards normalized events (e.g., orders/create, orders/updated).

Configure

  1. In Backoffice → Webhook settings, add the Shopify provider and paste the signing secret from the Shopify admin panel.
  2. In Shopify admin, create a webhook subscription pointing to https://cloud.syllecta.example/v1/webhooks/shopify.
  3. Choose the topics you want (orders/create, customers/update, etc.).

Example Request

POST /v1/webhooks/shopify
X-Shopify-Hmac-Sha256: dGVzdCBoYWNo
Content-Type: application/json

{
  "id": 820982911946154508,
  "email": "jon@doe.ca",
  "closed_at": null,
  "created_at": "2023-09-01T12:00:00-04:00",
  "name": "#1001"
}

Syllecta replies after logging and forwarding:

json
{
  "ok": true
}

Duplicates return:

json
{
  "ok": true,
  "cached": true
}

to avoid triggering downstream automation twice.

Handling the Normalized Payload

ts
app.post("/webhooks/syllecta", express.json(), async (req, res) => {
  const event = req.body;
  if (event.provider === "shopify" && event.type === "orders/create") {
    await shopifySync.createOrder(event.data);
  }
  res.json({ ok: true });
});

Each payload includes provider, type, occurredAt, and the raw data object Shopify sent, so you can branch on whichever topics you subscribed to.

References