6ec8d3236d
- Replace TLAS with License Authority throughout documentation - Add Government of Goa emblem/logo (Ashoka Chakra style) - Update frontend branding to match documentation - Add configurable Swagger API link via VITE_API_BASE_URL env var - Fix Docker build for VitePress (git dependency, .dockerignore) - Fix helmet security headers for HTTP deployments - Add CORS support for VM deployment Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
1.6 KiB
1.6 KiB
Webhooks
Overview
The platform sends webhook notifications for key events. Configure webhook endpoints to receive real-time updates.
Configuration
Register webhook endpoint:
POST /webhooks
Authorization: Bearer <token>
{
"url": "https://your-system.com/webhook",
"events": ["application.approved", "certificate.issued"],
"secret": "your-webhook-secret"
}
Event Types
| Event | Trigger |
|---|---|
application.submitted |
New application received |
application.approved |
Application approved |
application.rejected |
Application rejected |
application.returned |
Returned for corrections |
certificate.issued |
License NFT minted |
certificate.revoked |
License revoked |
Payload Format
{
"event": "application.approved",
"timestamp": "2026-02-09T10:00:00Z",
"data": {
"applicationId": "APP-2026-00001",
"licenseType": "TRADE_LICENSE",
"applicantId": "DL-12345678"
}
}
Signature Verification
Verify webhook authenticity using HMAC-SHA256:
const crypto = require('crypto');
function verifySignature(payload, signature, secret) {
const expected = crypto
.createHmac('sha256', secret)
.update(payload)
.digest('hex');
return crypto.timingSafeEqual(
Buffer.from(signature),
Buffer.from(expected)
);
}
Header: X-Webhook-Signature: sha256=<signature>
Retry Policy
Failed deliveries (non-2xx response) are retried:
- 1st retry: 1 minute
- 2nd retry: 5 minutes
- 3rd retry: 30 minutes
- 4th retry: 2 hours
- 5th retry: 24 hours
After 5 failures, webhook is disabled. Re-enable via API.