Webhooks
Receive real‑time notifications for events like new sales, chapter releases, or author messages. Webhooks are available for Pro tier and above.
Quick Start
- Create a webhook endpoint in your developer dashboard.
- Subscribe to events (e.g.,
book.purchased). - InceNar will send a POST request with a signature header.
- Verify the signature using your webhook secret.
POST
/v1/webhooksPro+Create a new webhook endpoint.
Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| url* | string | — | HTTPS endpoint URL |
| events* | array | — | List of event types to subscribe to (see below) |
| description | string | — | Optional description |
Response Example
{ "data": { "id": "wh_123", "url": "...", "secret": "whsec_..." } }GET
/v1/webhooksPro+List all webhook endpoints for the authenticated API key.
Response Example
{ "data": [ { "id": "wh_123", "url": "...", "events": ["book.purchased"] } ] }Event Types
book.purchasedA user bought a book
chapter.publishedNew chapter of a serial book
author.followedUser followed an author
review.createdNew book review
Verifying Signatures
Each webhook request includes a X-Webhook-Signature header. Compute the HMAC‑SHA256 of the raw request body using your webhook secret and compare.
const crypto = require('crypto');
const signature = req.headers['x-webhook-signature'];
const expected = crypto
.createHmac('sha256', webhookSecret)
.update(JSON.stringify(req.body))
.digest('hex');
if (signature !== `sha256=${expected}`) {
throw new Error('Invalid signature');
}