A webhook is simply a user-defined callback in the form of an HTTP POST which is invoked when something happens. So for example whenever a new booking is created in Makeplans we can send a POST request to the URL you specify. The response will include data about the modified object. ## Payload <table> <tr><th>Name</th><th>Type</th><th>Description</th></tr> <tr><td>event</td><td>String</td><td>Type of event</td></tr> <tr><td>idempotency_id</td><td>String</td><td>Unique id for this webhook</td></tr> <tr><td>generated_at</td><td>String</td><td>When the event was initialized</td></tr> <tr><td>performed_by</td><td>Object</td><td>Info of the user who performed the event</td></tr> <tr><td>data</td><td>Object</td><td>Related object for event type</td></tr> </table> ## Data payload <table> <tr><th>Name</th><th>Type</th><th>Description</th></tr> <tr><td>object</td><td>String</td><td>Type of object</td></tr> <tr><td>id</td><td>Integer</td><td>Id of the object</td></tr> <tr><td>*object_type*</td><td>Object</td><td>Payload of the object</td></tr> </table> ### Deprecated attributes The attributes in the data payload, 'object', 'id', and '*object_type*', are also included in the root payload due to legacy reasons. Please use the `data` attribute. The legacy attributes will be removed in the future. ## Supported events * booking.cancelled * booking.confirmed * booking.created * booking.declined * booking.deleted * booking.modified * booking.verified * event.created * event.deleted * event.modified * message.processed * person.created * person.deleted * person.modified ## Wildcard usage You can use wildcard to trigger all or grouped events: `*` or `booking.*` ## Security ### Verify payload signature We include a `X-MakePlans-Signature` header in the webhook request. Use this to verify the request body to ensure the request is from Makeplans and signed with your account secret. The header includes details about the signature and the signature itself. We use HMAC SHA-256 to compute this signature. Example: `X-MakePlans-Signature: sha256=5257a869e7ecebeda32affa62cdca3fa51cad7e77a0e56ff536d0ce8e108d8bd`. ### Authentication You can add HTTP Basic Auth credentials or a parameter secret to the webhook URL. ## Retries We will retry after any 4xx or 5xx HTTP status response. Note that 4xx responses are also retried as they may be caused by temporary issues on the receiving end. Maximum retries are 5. The timeout is set to 10 seconds.

A webhook is simply a user-defined callback in the form of an HTTP POST which is invoked when something happens. So for example whenever a new booking is created in Makeplans we can send a POST request to the URL you specify. The response will include data about the modified object.

Payload

Name	Type	Description
event	String	Type of event
idempotency_id	String	Unique id for this webhook
generated_at	String	When the event was initialized
performed_by	Object	Info of the user who performed the event
data	Object	Related object for event type

Data payload

Name	Type	Description
object	String	Type of object
id	Integer	Id of the object
*object_type*	Object	Payload of the object

Deprecated attributes

The attributes in the data payload, ‘object’, ‘id’, and ‘object_type’, are also included in the root payload due to legacy reasons. Please use the data attribute. The legacy attributes will be removed in the future.

Supported events

• booking.cancelled
• booking.confirmed
• booking.created
• booking.declined
• booking.deleted
• booking.modified
• booking.verified
• event.created
• event.deleted
• event.modified
• message.processed
• person.created
• person.deleted
• person.modified

Wildcard usage

You can use wildcard to trigger all or grouped events: * or booking.*

Security

Verify payload signature

We include a X-MakePlans-Signature header in the webhook request. Use this to verify the request body to ensure the request is from Makeplans and signed with your account secret. The header includes details about the signature and the signature itself. We use HMAC SHA-256 to compute this signature.

Example: X-MakePlans-Signature: sha256=5257a869e7ecebeda32affa62cdca3fa51cad7e77a0e56ff536d0ce8e108d8bd.

Authentication

You can add HTTP Basic Auth credentials or a parameter secret to the webhook URL.

Retries

We will retry after any 4xx or 5xx HTTP status response. Note that 4xx responses are also retried as they may be caused by temporary issues on the receiving end. Maximum retries are 5. The timeout is set to 10 seconds.