Webhooks
Receive real-time notifications when events occur in your NexGeo.ai account.
Overview
Webhooks allow you to receive HTTP POST requests whenever specific events occur. This is useful for integrating NexGeo.ai with your own tools, dashboards, or automation workflows.
Available Events
| Event | Description |
|---|---|
scan.completed | A scan has finished successfully |
scan.failed | A scan has failed |
alert.triggered | One or more alert rules matched |
product.updated | A product's visibility score changed significantly |
Setup
- Go to the Developers page in your dashboard
- Click Add Endpoint in the Webhooks section
- Enter your endpoint URL (must be HTTPS)
- Select which events to subscribe to
- Copy the signing secret — you'll need it to verify payloads
Payload Format
Webhook payloads are sent as JSON POST requests:
JSON
{
"event": "scan.completed",
"timestamp": "2025-01-15T10:35:00Z",
"data": {
"scan_id": "uuid",
"store_id": "uuid",
"products_scanned": 10,
"avg_score": 68.4
}
}Verifying Signatures
Every webhook request includes an X-Webhook-Signature header containing an HMAC-SHA256 signature of the request body, signed with your webhook secret.
To verify:
TypeScript
import crypto from 'crypto';
function verifySignature(body: string, signature: string, secret: string): boolean {
const expected = crypto
.createHmac('sha256', secret)
.update(body)
.digest('hex');
return crypto.timingSafeEqual(
Buffer.from(signature),
Buffer.from(expected)
);
}Delivery & Retries
- Webhooks are delivered within seconds of the triggering event
- Your endpoint must respond with a 2xx status within 10 seconds
- Failed deliveries are logged in the webhook delivery history
- Delivery status is visible on the Developers page
Security: Always verify the webhook signature before processing the payload. Never trust the payload without signature verification.