To gain access to the Levanta Webhooks you must have a valid API key, make sure you have followed the prerequisites as outlined in the Creator API Documentation
Webhooks are a way to receive real-time updates from Levanta about activity happening in your account. Every time an event you are subscribed to occurs, Levanta will send your endpoint a request containing the event details. Follow the instructions below to get started!
To get started with Levanta Webhooks, you can visit https://app.levanta.io/creator/settings/api and click “Create Endpoint”. An endpoint is a specific destination, owned by you, that is ready to receive webhook events from Levanta. Enter the URL and choose the events that you would like to subscribe to.
Levanta implements a Hash-based message authentication code (HMAC) to help you verify requests are really coming from Levanta’s severs. Levanta will provide a secret key, available in the webhook dashboard, that you may use for this verification process. To verify Levanta webhooks, follow the following steps for each request:
x-levanta-hmac-sha256 header from the given request.Here’s some example code in Node.js:
import { createHmac, timingSafeEqual } from 'crypto';
import { IncomingMessage } from 'http';
import { buffer } from 'micro';
const LEVANTA_WEBHOOK_SECRET = 'test-secret';
const verifyLevantaWebhook = async (req: IncomingMessage) => {
const rawRequestBody = await buffer(req);
const levantaHmacHeader = req.headers['x-levanta-hmac-sha256'];
const signature = createHmac('sha256', LEVANTA_WEBHOOK_SECRET).update(rawRequestBody).digest('hex');
const trusted = Buffer.from(signature, 'utf-8');
const untrusted = Buffer.from(levantaHmacHeader, 'utf-8');
return timingSafeEqual(trusted, untrusted);
};