Skip to main content

Webhooks

Webhooks are automated messages sent from our system when something happens. They have a message—or payload—and are sent to a unique URL, essentially a simple way for Karla to communicate with your systems automatically. This allows you to receive real-time data about specific events without needing to poll our server continuously for updates.

See API Webhooks Reference for more information in how to set them up programmatically.

How Webhooks Work

Event Triggers

A webhook is triggered by specific events within a system, such as a shipment update for an order. These events are predefined in the Karla system.

HTTP Callbacks

When an event triggers a webhook endpoint defined by you, the Karla system makes a POST HTTP request to the URL you configured for the webhook. This URL is your endpoint, which must be set up to accept and process incoming HTTP requests.

Payload

The HTTP request from the webhook includes a payload, which is a block of data describing the event. This payload is formatted in JSON, providing structured data that can be easily parsed and used by the receiving system.

Response

The endpoint that receives the webhook is expected to return an HTTP status code to acknowledge receipt. A 200 OK status is required to indicate that the webhook payload was received and understood.

Setting Up Webhooks

Choose Events to Monitor

Decide which events in the system you want to monitor with webhooks. This could depend on what aspects of your integration need real-time data.

Configure the Endpoint

Set up an endpoint on your server. This is a URL where the webhook payloads will be sent. Make sure this endpoint is secure, able to handle incoming HTTP POST requests, and can validate and parse JSON data.

Register the Webhook

Register the endpoint URL with the system from which you want to receive events. This registration tells the system where to send the webhook requests. Security measures are handled during registration, involving a secret key that will be used to generate a signature that you should use to verify webhook payloads.

Handle Security

Validate incoming webhooks to ensure they are coming from Karla as an expected source. This involves comparing the signature we send with the webhook against one you generate with the shared secret that is given to you when you created the endpoint via our API.

The use of HTTPS for your endpoint to encrypt the data transmitted between Karla and your server is mandatory.

Contact us for more details about how to set up your own webhooks.