Webhooks

Receive real-time events for subscribers and campaigns.

New in v1.0.20

Added X-NetSendo-Signature header for HMAC verification.

Verifying Signatures

NetSendo signs every webhook request using HMAC-SHA256. You should verify this signature to ensure the request came from us.

Node.js Example

const crypto = require('crypto');

function verifySignature(payload, signature, secret) {
  const hmac = crypto.createHmac('sha256', secret);
  const digest = hmac.update(payload).digest('hex');
  return signature === digest;
}

Event Types

subscriber.created
Fired when a new subscriber joins a list.
subscriber.unsubscribed
Fired when a subscriber opts out.

Retries

If your endpoint returns a non-200 status code, NetSendo will retry the webhook delivery up to 10 times with exponential backoff. After 10 failures, the webhook will be automatically deactivated.