Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.tonder.io/llms.txt

Use this file to discover all available pages before exploring further.

This guide explains how to manage your webhook endpoints through the Tonder API. You’ll learn to create, update, and manage webhook endpoints to receive real-time notifications.
Security RequirementsFollow these essential security practices when setting up webhook endpoints:
  • Always use a secure (HTTPS) URL for your webhook endpoint.
  • Use an authentication method (BEARER, API_TOKEN, or BASIC_AUTH) to verify requests come from Tonder.
  • Validate the event structure and content before processing.

Setting up Webhook Endpoints

The webhook management process involves creating and configuring your endpoints through the API.

Step 1: Create a webhook endpoint

First, you need to register your webhook endpoint with Tonder. Register a new URL to receive webhook notifications using the /webhooks/ endpoint. You can configure authentication to secure your endpoint: 
curl -X POST https://stage.tonder.io/api/v1/webhooks/ \
  -H "Authorization: Token YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://your-site.com/webhook-handler",
    "auth_method": "BEARER",
    "credentials": {
      "token": "a-secure-bearer-token-you-generate"
    }
  }'
You should receive a response confirming the webhook endpoint was created:
FieldTypeDescription
idintegerUnique identifier for this webhook endpoint
urlstringThe webhook URL you registered
statusstringCurrent status of the webhook (active, inactive)
auth_methodstringAuthentication method configured (BEARER, API_TOKEN, BASIC_AUTH)
credentialsobjectAuthentication credentials associated with this webhook
The response is as follows: 
{
  "id": 123,
  "url": "https://your-site.com/webhook-handler",
  "status": "active",
  "auth_method": "BEARER",
  "credentials": {
    "token": "a-secure-bearer-token-you-generate"
  }
}
Make sure to save the webhook id for future management operations.

Step 2: Manage existing webhooks

After creating webhooks, you can update, delete, or list them as needed. Once you have created webhooks, you can manage them using these /webhooks/ API endpoints:
OperationMethodEndpointPurpose
List WebhooksGET/webhooks/Retrieves all webhook endpoints configured for your business
Update WebhookPUT/webhooks/{webhook_id}/Updates the configuration of an existing webhook endpoint
Delete WebhookDELETE/webhooks/{webhook_id}/Removes a webhook endpoint (it will no longer receive notifications)
Here are examples of each management operation: 
curl -X GET https://stage.tonder.io/api/v1/webhooks/ \
  -H "Authorization: Token YOUR_API_KEY"

Troubleshooting

Here are some common setup issues and how to resolve them:
When webhook creation fails due to authentication problems:
  • Check: Verify your API credentials are correct and have proper permissions.
  • Solution: Ensure your endpoint validates the configured authentication method properly.
  • Prevention: Test authentication locally before setting up the webhook.
When your webhook endpoint is created successfully but doesn’t receive events:
  • Check: Verify your endpoint is publicly accessible via HTTPS and responds quickly.
  • Solution: Ensure your endpoint returns a 2xx status code within 30 seconds.
  • Prevention: Test your endpoint URL with tools like curl before registering it.

Next Steps

After setting up webhooks: