You can set up custom headers for all webhooks Ecwid sends to your application. Custom headers can work as application identifiers if you receive webhooks from several applications to one endpoint. Or they can work as an additional validation layer.
Custom headers are always added to the default list of webhook headers Ecwid sends to you. It works even if a custom header duplicates one of the default headers. In that case, Ecwid sends both default and custom headers in the request.
Structure and restrictions
Custom webhook headers consist of a name and value, for example:
My-Custom-Validation-Key: abc123def456ghi789
Such headers can only have static names and values. Variables are not supported. Custom headers also cannot provide additional entity data to webhook requests like order total for the 'order.created' event.
Webhook example with a custom header
PUT /webhook-receiver HTTP/1.1
Host: backend.example.com
Content-Type: application/json
Content-Length: 261
X-Ecwid-Webhook-Signature: MeV28XtFal4HCkYvdilwckJinc6Dtp4ZWpPhmjdjn2= // Ecwid validation header
My-Custom-Validation-Key: abcde12345 // Custom header
{
"eventId":"80aece08-40e8-4145-8764-6c2f0d38678",
"eventCreated":1234567,
"storeId":1003,
"entityId":103878161,
"eventType":"order.created",
"data":{
"orderId":"XJ12H",
"newPaymentStatus":"PAID",
"newFulfillmentStatus":"SHIPPED"
}
}
Email us to set up custom headers for your application. Tell us your application name or ID, and the name and value for the webhook header. We'll update the app for you as soon as possible. Changes will be applied immediately after the update.