Skip to main content
webhooks send real-time notifications to your app when specific events occur. When you subscribe to an event, Sandbox delivers the payload directly to your endpoint. For example, subscribing to tds.206-ab.done notifies you each time a 206AB job completes.

Configure webhooks

Set up your webhook url, subscribed events, and secret key in the Sandbox Console. See How to Configure Webhooks for step-by-step instructions.

Validate webhook signatures

When you configure a webhook secret, Sandbox generates a hash signature for each payload. Validate this signature to ensure the webhook is authentic. Sandbox includes the signature in the x-sandbox-signature header using a base64-encoded hash-based message authentication code (HMAC) with SHA-256.
Always validate webhook signatures before processing the payload to prevent unauthorized requests.