Skip to main content
Webhooks allow you to receive real-time HTTP notifications when events occur in your Gately project. Use them to trigger automations, sync data, or integrate with external services.

Overview

When an event occurs (e.g., new member signup), Gately sends an HTTP POST request to your configured webhook URL with event data.

Setting Up Webhooks

Via Dashboard

  1. Go to Webhooks in your dashboard
  2. Click Create Webhook
  3. Enter your endpoint URL
  4. Select events to subscribe to
  5. Save

Webhook Configuration

FieldDescription
URLYour endpoint URL (HTTPS required)
EventsEvents to trigger the webhook
SecretSigning secret for verification
HeadersCustom headers to include
ActiveEnable/disable the webhook

Events

Member Events

EventDescription
member.createdNew member signed up
member.updatedMember profile updated
member.deletedMember account deleted
member.loginMember logged in
member.plan_changedMember changed subscription plan

Form Events

EventDescription
form.submittedForm submission received
form.createdNew form created
form.updatedForm settings updated

Subscription Events

EventDescription
subscription.createdNew subscription started
subscription.updatedSubscription modified
subscription.cancelledSubscription cancelled
subscription.renewedSubscription renewed

Payment Events

EventDescription
payment.succeededPayment successful
payment.failedPayment failed
refund.createdRefund issued

Helpdesk Events

EventDescription
ticket.createdNew support ticket
ticket.updatedTicket status changed
ticket.repliedNew reply on ticket

Payload Format

All webhook payloads follow this structure: 
{
  "id": "evt_123456789",
  "event": "member.created",
  "created_at": "2024-01-15T10:30:00Z",
  "project_id": "proj_abc123",
  "data": {
    // Event-specific data
  }
}

Example: Member Created

{
  "id": "evt_123456789",
  "event": "member.created",
  "created_at": "2024-01-15T10:30:00Z",
  "project_id": "proj_abc123",
  "data": {
    "id": "mem_xyz789",
    "email": "[email protected]",
    "full_name": "John Doe",
    "plan_id": "free",
    "status": "active",
    "created_at": "2024-01-15T10:30:00Z"
  }
}

Example: Form Submitted

{
  "id": "evt_987654321",
  "event": "form.submitted",
  "created_at": "2024-01-15T11:00:00Z",
  "project_id": "proj_abc123",
  "data": {
    "form_id": "form_123",
    "submission_id": "sub_456",
    "fields": {
      "name": "Jane Smith",
      "email": "[email protected]",
      "message": "Hello!"
    },
    "submitted_at": "2024-01-15T11:00:00Z"
  }
}

Verifying Webhooks

All webhooks are signed with your webhook secret. Verify the signature to ensure the request is from Gately.

Signature Header

X-Gately-Signature: sha256=abc123...

Verification (Node.js)

const crypto = require('crypto')

function verifyWebhook(payload, signature, secret) {
  const expectedSignature = crypto
    .createHmac('sha256', secret)
    .update(payload)
    .digest('hex')
  
  return `sha256=${expectedSignature}` === signature
}

// Express middleware
app.post('/webhook', express.raw({ type: 'application/json' }), (req, res) => {
  const signature = req.headers['x-gately-signature']
  
  if (!verifyWebhook(req.body, signature, process.env.WEBHOOK_SECRET)) {
    return res.status(401).send('Invalid signature')
  }
  
  const event = JSON.parse(req.body)
  // Process event...
  
  res.status(200).send('OK')
})

Verification (Python)

import hmac
import hashlib

def verify_webhook(payload, signature, secret):
    expected = hmac.new(
        secret.encode(),
        payload.encode(),
        hashlib.sha256
    ).hexdigest()
    
    return f"sha256={expected}" == signature

Retry Policy

If your endpoint returns a non-2xx status code, Gately will retry:
AttemptDelay
1Immediate
21 minute
35 minutes
430 minutes
52 hours
After 5 failed attempts, the webhook is marked as failed.

Best Practices

Return a 200 response immediately, then process the event asynchronously.
Use the event id to deduplicate events (webhooks may be sent multiple times).
Always verify the webhook signature to prevent spoofing.
Only use HTTPS endpoints for security.
Log all received events for debugging and auditing.

Testing Webhooks

Test from Dashboard

  1. Go to Webhooks > [Your Webhook]
  2. Click Send Test Event
  3. Select event type
  4. View response

Local Development

Use a tunnel service like ngrok for local testing: 
ngrok http 3000
Then use the ngrok URL as your webhook endpoint.

Webhook Logs

View webhook delivery history:
  1. Go to Webhooks > [Your Webhook] > Logs
  2. See all delivery attempts
  3. View request/response details
  4. Retry failed deliveries