Documentation

Developers

Configuration

Sales Events

checkout.createdcheckout.updatedorder.createdsubscription.activesubscription.canceledsubscription.createdsubscription.revokedsubscription.updatedbenefit_grant.createdbenefit_grant.revokedbenefit_grant.updated

Store Events

product.createdproduct.updatedbenefit.createdbenefit.updatedorganization.updated

Webhooks

Webhooks allow you to build or set up integrations that subscribe to certain Polar events. When one of those events is triggered, we'll send an HTTP POST payload to the webhook's configured URL.

Our implementation follow the Standard Webhooks specification.

Out-of-the-box, we also support to send notifications suitable for Discord or Slack. This is the purpose of the Format parameter.

Configuring a Webhook

Head over to your organization's settings page and click on the "Add Endpoint" button to create a new webhook.

Add Webhook Endpoint

URL

In the dialog that appears, enter the URL to which the webhook events should be sent.

Add URL

Format

For standard, custom integrations, leave this parameter on Raw. This will send a payload in a JSON format as described in the Events section.

If you wish to send notifications to a Discord or Slack channel, you can select the corresponding format here. Polar will then adapt the payload so properly formatted messages are sent to your channel.

Select format

tip

If you paste a Discord or Slack webhook URL, the format will be automatically selected.

Secret

In order to verify that requests are legitimate webhook payload coming from Polar, we cryptographically sign the requests using a secret key. You can set your own or generate a random one.

Add Secret

Events

Finally, select the events you want to be notified about. You can read more about the available events in the Events section.

Webhook Delivery

Once a webhook is configured, you will have access to a delivery overview page. This page shows you all the webhook events that have been sent to the configured URL. You can easily see the status of each delivery and the data which was sent.

Delivery

Retries

If we hit an error while trying to reach your endpoint, whether it is a temporary network error or a bug, we'll retry to send the event up to 10 times with an exponential backoff.

Timeouts

We expect your endpoint to answer under 20 seconds. Past this delay, the delivery will error and we'll enter the retry cycle described above. We recommend you to avoid too long processing while receiving the webhook. The good practice if you have long logic to run is to queue the event and respond to the webhook immediately. Your logic is then run in a background by a worker.

Verify signature

Requests sent to your webhook endpoint will include a signature so you can verify that the request is truly coming from Polar.

Our Python and JavaScript SDK provide a function to validate and parse the webhook event.

Python example

from flask import Flask, request
from polar_sdk.webhooks import validate_event, WebhookVerificationError

app = Flask(__name__)

@app.route('/webhook', methods=['POST'])
def webhook():
    try:
        event = validate_event(
            payload=request.data,
            headers=request.headers,
            secret='<YOUR_WEBHOOK_SECRET>',
        )

        # Process the event

        return "", 202
    except WebhookVerificationError as e:
        return "", 403

Node.js example

import express, { Request, Response } from "express";
import { validateEvent, WebhookVerificationError } from "@polar-sh/sdk/webhooks";

const app = express();

app.post("/webhook", express.raw({ type: "application/json" }), (req: Request, res: Response) => {
  try {
    const event = validateEvent(req.body, req.headers, process.env["POLAR_WEBHOOK_SECRET"] ?? "");

    // Process the event

    res.status(202).send('')
  } catch (error) {
    if (error instanceof WebhookVerificationError) {
      res.status(403).send('')
    }
    throw error
  }
});

For other languages, as we follow the Standard Webhooks specification, you can use one of their libraries to verify the signature: https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries

warning

When using the Standard Webhooks libraries, they expect your secret to be encoded in Base64 first.

For a more in-depth implementation example, look at the Polar NextJS Webhooks example.