HTTP Headers

Every webhook delivery includes the following headers:

Header	Example	Description
`Content-Type`	`application/json`	Always JSON
`X-EasyConfirm-Signature`	`sha256=a1b2c3d4...`	HMAC-SHA256 signature of the request body
`X-EasyConfirm-Event`	`order.confirmed`	The event type
`User-Agent`	`EasyConfirm-Webhook/1.0`	EasyConfirm webhook client identifier

Using Headers in Your Code

Routing by Event Type

You can use the X-EasyConfirm-Event header to quickly determine the event type without parsing the body:

app.post('/webhooks/easyconfirm', (req, res) => {
  const event = req.headers['x-easyconfirm-event'];

  switch (event) {
    case 'order.created':
      handleOrderCreated(req.body);
      break;
    case 'order.confirmed':
      handleOrderConfirmed(req.body);
      break;
    case 'order.canceled':
      handleOrderCanceled(req.body);
      break;
    case 'order.failed':
      handleOrderFailed(req.body);
      break;
  }

  res.status(200).send('OK');
});

Verifying the Signature

Use the X-EasyConfirm-Signature header to verify request authenticity. See the Signature Verification page for full details.

Using Headers in Your Code​

Routing by Event Type​

Verifying the Signature​

Using Headers in Your Code

Routing by Event Type

Verifying the Signature