Webhooks

Listen to events on your webhook endpoint and automatically trigger actions

Why use Webhooks?

Webhooks are a powerful way for web applications to communicate with each other in real time. They enable one application to send automatic messages or information to another application as soon as a specific event occurs without requiring a request to be made to retrieve that information. This method of communication is event-driven and allows for immediate action, making it an essential tool for enhancing interactivity and responsiveness within and between applications. Whether updating a database, sending a notification, or triggering a series of actions, Webhooks provide a flexible and efficient means to automate workflows and improve user experiences.

KORE Webhooks Overview

KORE offers several ways to configure Webhooks.

  • Through an API call with a callback URL

  • Configuring resources in a user interface with a callback URL

  • Configuring a Webhook destination on Event Streams

HTTPS

All Webhook endpoints you configure with KORE must be using HTTPS. KORE will not connect to an HTTPS URL with a self-signed certificate.

Headers

Every event sent by KORE will contain headers. A subset of the ones to take note of are as follows.

Property
Custom Header?
Detail

Yes

KORE Webhook supports idempotency for safely retrying requests without accidentally performing the same operation more than once.

Yes

A signature that KORE signs so that developers can validate the source.

user-agent

No

The value will always be KoreProxy/1.1

date

Yes

UTC date

(format: '%Y-%m-%dT%H:%M:%SZ')

Best Practices

Quickly return a 2XX Response

When KORE sends an event to your configured Webhook URL, it will wait a pre-determined amount of time for a successful response (2XX) before failing, as defined in the connection settings property Read Timeout.

If you have any complex or long-running operations, return a 2XX response immediately and continue processing the information received.

Handling Duplicate Events

There may be a chance KORE sends the same event more than once. You can safeguard against this by logging and comparing the idempotency tokens you receive in the header. The idempotency Token will not change if the same event is sent more than once.

Validate the authenticity of requests to your endpoint

KORE strongly encourages you to follow our guide to validate that the events KORE has sent are indeed coming from KORE.

This will allow you to verify:

  1. The contents haven't been tampered with

  2. The events are coming from KORE.

KORE sends Webhook events from a pool of IPs; there is no specific range you can rely on to validate the Webhook are coming from KORE.

Webhook Management Portal

KORE offers a management portal and an API to configure your Webhook secrets.

Getting Started with Webhooks

If you are new to Webhooks or looking to implement it in your applications, this guide will walk you through the basics, including how to set them up, send, and receive data.

Last updated