Webhooks
Available Starting at the Premium Tier
To notify your backend about the status of a domain connected or sold, Entri uses webhooks. You can enter a URL into the Entri dashboard that webhooks will be sent to.
Here's an example of the webhook data Entri sends when a domain has just been added by a user:
{
"id": "1234567890-abcdefg-1234567890",
"user_id": "your-provided-user-id",
"domain": "example.com",
"type": "domain.added",
"propagation_status": "pending",
"dkim_status": "success",
"redirection_status": "exempt",
"setup_type": "automatic",
"secure_status": "success", //Only for Entri Secure usage
"power_status" : "success", //Only for Entri Power usage
"cname_target": "my.saascompany.com", //Only for Entri Power and Secure usage
"purchased_domains": ["domain1.com",...,"domainN.com"], //Only for Entri Sell usage
"data": {
"records_propagated": [
{
"type": "A",
"host": "smallbusiness.com",
"value": "54.153.2.220",
"applicationUrl": "www.example.com" //Optional Entri power only
"powerRootPathAccess" : ["path1",...,"pathN"] //Optional Entri power only
},
{
"type": "CNAME",
"host": "www",
"value": "smallbusiness.com"
}
],
"records_non_propagated": []
}
}
For full documentation on the data in a webhook, see the API Reference.
Other Notes:
- Subsequent webhook updates that contain any updates will include what objects were updated. For example:
{
"id": "1234567890-abcdefg-1234567890",
"propagation_status": "success",
...
"updated_objects": ["propagation_status"],
}
- If the records are not fully propagated upon the first check, Entri checks again in 1 minute, then 2 minutes, then 4 minutes, etc (exponential backoff). If after 72 hours the records are not fully propagated, then a webhook will be sent with
"type": "domain.timeout"
. dkim_status
will be set toexempt
if the user does not use Google or Microsoft email providers and/or if theEnable support for DKIM
setting is turned off for your applicationId
Webhook Signatures
This is an optional security measure that we highly suggest all our customers take to ensure secure communication.
Payload id signature (recommended)
Entri will hash the Id
value included in the payload, with the well-known hashing algorithm SHA-256. The secret token registered in the dashboard is going to be used to sign the calculated hash. We include the Id
hash in the Entri-Signature
header of the webhook request.
For example:
Entri-Signature=e863e1f6370b60981bbbcbc2da3313321e65eaaac36f9d1262af415965df932
To verify the authenticity of the request, you can hash the received Id
with the SHA-256 algorithm and sign with the same secret provided in the dashboard.
Afterward, you can compare the calculated hash with the incoming hash in the Entri-Signature
request header. If the two hashes match, that ensures that the payload hasn't been tampered with. Otherwise, you should reject the incoming payload.
Full payload signature (To be deprecated)
Entri will hash the webhook full payload with the well-known hashing algorithm SHA-256. The secret token registered in the dashboard is going to be used to sign the calculated hash. We include the payload hash in the Entri-Signature-sha256
header of the webhook request.
For example:
Entri-Signature-sha256=e863e1f6370b60981bbbcbc2da3313321e65eaaac36f9d1262af415965df932
To verify the authenticity of the request, you can hash the received payload with the SHA-256 algorithm and sign with the same secret provided in the dashboard.
Afterward, you can compare the calculated hash with the incoming hash in the request header. If the two hashes match, that ensures that the payload hasn't been tampered with. Otherwise, you should reject the incoming payload.
Updated 3 days ago