Example: Stripe Webhook
Overview
Stripe sends signed events to
/v1/webhooks/stripe
. Syllecta validates signatures, dedupes, logs, and forwards to your callback.
Configure
- In Backoffice UI:
- Add webhook secret for Stripe provider.
- Set callback URL (e.g., https://merchant.example/webhooks/syllecta).
- In Stripe dashboard, point webhook endpoint to https://cloud.syllecta.example/v1/webhooks/stripe.
Stripe Signature
- Header:
Stripe-Signature: t=timestamp,v1=hex. - Syllecta uses Stripe’s official verification algorithm with the tenant’s secret.
- Old timestamps are rejected automatically.
Successful deliveries return:
json
{ "ok": true }
Duplicates respond with:
json
{ "ok": true, "cached": true }
Callback Example
ts
app.post("/webhooks/syllecta", express.json(), async (req, res) => { const event = req.body; switch (event.type) { case "payment_intent.succeeded": await payments.capture(event.data.object.id); break; } res.json({ received: true }); });
Because Syllecta normalizes the payload, you can branch on event.type and access the original Stripe object via event.data without worrying about signature checks.
Error Handling
- Missing/invalid signature →
400. - Unknown Stripe secret →
500logged, event markeddelivery_failed.