Webhooks

Webhooks

Webhooks allow you to build or set up integrations that subscribe to certain events on AllServicePros. When one of those events is triggered, we'll send a HTTP POST payload to the webhook's configured URL.

Setting up a Webhook

You can configure webhooks via the Developer Dashboard. You'll need to provide:

• Payload URL: The server URL that will receive the webhook payloads.
• Secret: A secret token used to validate the payload.
• Events: The specific events you want to listen to.

Supported Events

• booking.created - Triggered when a new booking is created.
• booking.confirmed - Triggered when a booking is confirmed and paid.
• booking.cancelled - Triggered when a booking is cancelled.
• review.created - Triggered when a new review is submitted.
• professional.updated - Triggered when a professional's profile is updated.

Securing Webhooks (HMAC Signing)

To ensure that the webhook payload actually came from AllServicePros, we sign every payload using an HMAC hex digest.

The signature is included in the X-ASP-Signature header.

Verifying the Signature

Here is an example of how to verify the signature in Node.js:

import crypto from 'crypto';

function verifySignature(payload, signature, secret) {
  const hmac = crypto.createHmac('sha256', secret);
  const digest = hmac.update(payload).digest('hex');
  return crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(digest));
}

Retries

If your server returns a non-2xx response, we will retry the webhook delivery with exponential backoff for up to 3 days.