Webhooks
Webhooks allow you to build or set up integrations that subscribe to certain Polar events. When one of those events is triggered, we'll send an HTTP POST payload to the webhook's configured URL.
Our implementation follow the Standard Webhooks specification.
Out-of-the-box, we also support to send notifications suitable for Discord or Slack. This is the purpose of the Format parameter.
Configuring a Webhook
Head over to your organization's settings page and click on the "Add Endpoint" button to create a new webhook.
URL
In the dialog that appears, enter the URL to which the webhook events should be sent.
Format
For standard, custom integrations, leave this parameter on Raw. This will send a payload in a JSON format as described in the Events section.
If you wish to send notifications to a Discord or Slack channel, you can select the corresponding format here. Polar will then adapt the payload so properly formatted messages are sent to your channel.
If you paste a Discord or Slack webhook URL, the format will be automatically selected.
Secret
In order to verify that requests are legitimate webhook payload coming from Polar, we cryptographically sign the requests using a secret key. You can set your own or generate a random one.
Events
Finally, select the events you want to be notified about. You can read more about the available events in the Events section.
Webhook Delivery
Once a webhook is configured, you will have access to a delivery overview page. This page shows you all the webhook events that have been sent to the configured URL. You can easily see the status of each delivery and the data which was sent.
Retries
If we hit an error while trying to reach your endpoint, whether it is a temporary network error or a bug, we'll retry to send the event up to 10 times with an exponential backoff.
Timeouts
We expect your endpoint to answer under 20 seconds. Past this delay, the delivery will error and we'll enter the retry cycle described above. We recommend you to avoid too long processing while receiving the webhook. The good practice if you have long logic to run is to queue the event and respond to the webhook immediately. Your logic is then run in a background by a worker.
Verify signature
Requests sent to your webhook endpoint will include a signature so you can verify that the request is truly coming from Polar.
As it follows the Standard Webhooks specification, you can use one of their libraries to verify the signature: https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries
If you use the standard-webhooks library, you can verify the signature like this using Node.js:
import { Webhook } from 'standardwebhooks'
const webhookSecret = Buffer.from(env.POLAR_WEBHOOK_SECRET).toString('base64')
const wh = new Webhook(webhookSecret)
const payload = wh.verify(requestBody, webhookHeaders)For a more in-depth implementation example - look at the Polar NextJS Webhooks example.