# Webhooks

## Why use Webhooks?

Webhooks are a powerful way for web applications to communicate with each other in real time. They enable one application to send automatic messages or information to another application as soon as a specific event occurs without requiring a request to be made to retrieve that information. This method of communication is event-driven and allows for immediate action, making it an essential tool for enhancing interactivity and responsiveness within and between applications. Whether updating a database, sending a notification, or triggering a series of actions, Webhooks provide a flexible and efficient means to automate workflows and improve user experiences.

## KORE Webhooks Overview

KORE offers several ways to configure Webhooks.&#x20;

* Through an API call with a callback URL
* Configuring resources in a user interface with a callback URL
* Configuring a Webhook destination on Event Streams&#x20;

### HTTPS

All Webhook endpoints you configure with KORE must be using HTTPS. KORE will not connect to an HTTPS URL with a self-signed certificate.

### Headers

Every event sent by KORE will contain headers. A subset of the ones to take note of are as follows.

| Property                                                                                                  | Custom Header? | Detail                                                                                                                                                                         |
| --------------------------------------------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| [kore-idempotency-token](https://docs.korewireless.com/developers/webhooks/idempotency)                   | Yes            | KORE Webhook supports [idempotency](https://en.wikipedia.org/wiki/Idempotence) for safely retrying requests without accidentally performing the same operation more than once. |
| [kore-signature](https://docs.korewireless.com/developers/verifying-callbacks-from-kore#signing-webhooks) | Yes            | A signature that KORE signs so that developers can validate the source.                                                                                                        |
| user-agent                                                                                                | No             | The value will always be KoreProxy/1.1                                                                                                                                         |
| date                                                                                                      | Yes            | <p>UTC date</p><p>(format: <code>'%Y-%m-%dT%H:%M:%SZ'</code>)</p>                                                                                                              |

### Best Practices

#### Quickly return a 2XX Response

When KORE sends an event to your configured Webhook URL, it will wait a pre-determined amount of time for a successful response (`2XX`) before failing, as defined in the connection settings property [Read Timeout](https://docs.korewireless.com/developers/webhooks/connection-settings).

If you have any complex or long-running operations, return a `2XX` response immediately and continue processing the information received.

#### Handling Duplicate Events

There may be a chance KORE sends the same event more than once. You can safeguard against this by logging and comparing the [idempotency](https://docs.korewireless.com/developers/webhooks/idempotency) tokens you receive in the header. The idempotency Token will not change if the same event is sent more than once.

#### Validate the authenticity of requests to your endpoint

KORE strongly encourages you to follow our [guide](https://docs.korewireless.com/developers/how-to/webhooks/validate-webhook-signatures) to validate that the events KORE has sent are indeed coming from KORE.

This will allow you to verify:

1. The contents haven't been tampered with
2. The events are coming from KORE.

{% hint style="warning" %}
KORE sends Webhook events from a pool of IPs; there is no specific range you can rely on to validate the Webhook are coming from KORE.
{% endhint %}

## Webhook Management Portal

KORE offers a [management portal](https://build.korewireless.com/webhook) and an API to configure your Webhook secrets.

## Getting Started with Webhooks

If you are new to Webhooks or looking to implement it in your applications, this [guide](https://docs.korewireless.com/developers/get-started/webhooks) will walk you through the basics, including how to set them up, send, and receive data.&#x20;


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.korewireless.com/developers/webhooks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.