S
S
Store
Search…
Welcome
FAQ
Plugin API Documentation
Key Features
Packages
Manual Payments
Pages
Sales
Coupon Codes
Variables
Community Goals
Team Accounts
Slack & Discord Notifications
Player Referrals
Game Servers
Discord Servers
Banning & Whitelisting
Customer Lookup
Gift Cards
Abandoned Basket Recovery
Purchase Follow Ups
Login Webhooks
Product Deliverables Configuration
Creator Codes
Upselling
Tebex Checkout
Fees
Sales Tax / VAT
Custom Template Change
Paysafecard
Roundup For Charity
Wallet
FAQ
Configuring Your Webstore
Appearance
Language
Currency
Custom CSS & HTML
Template Variables
Subdomain & Custom Domain
Sidebar Modules
Custom Translations
Command Management
An Introduction To Commands
Command Troubleshooting
Resending Commands
Support for Epic Game IDs
Integrating With Your Game Server Or Website
Minecraft: Java Edition
Minecraft: Bedrock
ARK: Survival Evolved
Space Engineers
Unturned
Rust
Garry's Mod
Hurtworld
Counter Strike: GO
7 Days To Die
Team Fortress 2
Webhooks
Legacy Webhooks
MySQL
RCON
Setup A Payment Gateway
PayPal Standard & Express
Paysafecard
Mollie
Paygol
Stripe
Paymentwall
Skrill
Plans, Pricing & Billing
Payment Methods
How To Cancel Your Plan
Transaction Limits
Powered By GitBook
Webhooks
Webhooks enable you to receive notifications upon certain webstore events, for example when a new payment is made. We will send a HTTP request containing a JSON object to any configured endpoints that are subscribing to the respective event. Webhooks are a great way to integrate Tebex with your own website, forum or internal database.

How To Setup Webhooks Endpoints

  1. 1.
    Go to Developers > Webhooks > Endpoints.
  2. 2.
    Click Add Endpoint.
  3. 3.
    Enter the URL of your webhook endpoint.
  4. 4.
    Select the types of webhooks that you'd like to subscribe to.
  5. 5.
    Click Add.
After adding your endpoint, you will receive a warning to inform you that we haven't been able to validate endpoint. Please see the section below for further information about handling validation webhooks.

Handling Validation Webhooks

Webhooks will not be sent to an endpoint unless it has been validated first. This is to ensure we are not sending HTTP requests to URLs that are not expecting our webhooks.
The validation webhook that we send will look similar to the example below. To identify a validation webhook you can check the type property in the JSON body.
1
{
2
"id": "2c116b11-1110-91e0-b266-b792c8da5f11",
3
"type": "validation.webhook",
4
"date": "2021-08-24T12:21:47+00:00",
5
"subject": {}
6
}
Copied!
Upon receiving a validation webhook you must respond with a 200 OK response containing a JSON object that has an id property representing the validation webhook's ID, please see the example response below.
1
{
2
"id": "2c116b11-1110-91e0-b266-b792c8da5f11"
3
}
Copied!
Once your endpoint is setup to successfully handle validation webhooks, please visit Developers > Webhooks > Endpoints and click the Validate button next to the endpoint to re-send the validation webhook.

Verifying Webhook Authenticity

IP Address

Webhooks from Tebex will only ever be sent from the two IP addresses listed below.
18.209.80.3 54.87.231.232
When building your webhook endpoint, we suggest that you check the IP address of the sender and throw a 404 Not Found error if the IP address isn't in the above list.

Signature

In addition to checking the IP address, we strongly advise that you verify the X-Signature header that we send with all requests.
The signature is generated by SHA256 hashing the JSON body and then building a SHA256 HMAC with the body hash as the data/content and your webhook secret as the key.
Your webhook secret is displayed on the Developers > Webhooks > Endpoints page. Please see our example of how to generate the signature using PHP below.
1
$json = file_get_contents('php://input');
2
$secret = "0d45982a10e3a072d0c1261c55dd9918";
3
$signature = hash_hmac('sha256', hash('sha256', $json), $secret);
Copied!
If the signature that you generate doesn't match the X-Signature header, please disregard the webhook because it is not from Tebex.

Handling Webhooks

All of our webhooks are sent using the standardised format with the following properties:
id: This property represents the unique ID of the webhook. type: The type of webhook we are sending, for example payment.completed. date: This is the date that the webhook was generated. subject: The data within this property will differ depending on the type of webhook. To view the different subject formats please see the subject types below.
When handling a webhook, please ensure you respond with a 2XX status code (anywhere between 200-299). If your endpoint responds with any other status code we will automatically try to resend the webhook later-on.
After several attempts of retrying we will mark the webhook as failed and your endpoint may require validating again.

Payment Subject

1
{
2
"transaction_id": "tbx-xxxxxxxx",
3
"status": {
4
"id": 2,
5
"description": "Refund"
6
},
7
"payment_sequence": "oneoff",
8
"created_at": "2021-08-19T13:03:30.000000Z",
9
"price": {
10
"amount": 13.2,
11
"currency": "GBP"
12
},
13
"customer": {
14
"first_name": "Test",
15
"last_name": "Test",
16
"email": "[email protected]",
17
"ip": "1.2.3.4",
18
"username": {
19
"id": "1234",
20
"username": "Test"
21
},
22
"marketing_consent": true,
23
"country": "GB",
24
"postal_code": "TE57 1NG"
25
},
26
"products": [
27
{
28
"id": 4,
29
"name": "Example Package",
30
"quantity": 1,
31
"base_price": {
32
"amount": 11,
33
"currency": "GBP"
34
},
35
"paid_price": {
36
"amount": 11,
37
"currency": "GBP"
38
},
39
"variables": [
40
{
41
"identifier": "server",
42
"option": "3"
43
}
44
],
45
"expires_at": null,
46
"custom": null,
47
"username": {
48
"id": "1234",
49
"username": "Test"
50
}
51
}
52
],
53
"coupons": [],
54
"gift_cards": [],
55
"recurring_payment_reference": null
56
}
Copied!

Recurring Payment Subject

1
{
2
"reference": "tbx-r-xxxxx",
3
"created_at": "2021-08-23T11:33:51.000000Z",
4
"next_payment_at": "2021-09-23T11:34:13.000000Z",
5
"status": {
6
"id": 5,
7
"description": "Cancelled"
8
},
9
"initial_payment": <Payment Subject>,
10
"last_payment": <Payment Subject>,
11
"fail_count": 0,
12
"price": {
13
"amount": 20,
14
"currency": "GBP"
15
},
16
"cancelled_at": "2021-08-24T14:46:05.000000Z",
17
"cancel_reason": "Cancelled by webstore on request"
18
}
Copied!

Testing Webhooks

Our webhook testing feature allows you to manually trigger webhooks from your control panel. Please follow the steps below to send a test webhook.
  1. 1.
    Navigate to Developers > Webhooks in your control panel.
  2. 2.
    Click the Send Test button.
  3. 3.
    Choose the type of webhook you'd like to send.
  4. 4.
    Provide a valid transaction ID if you've selected a payment webhook type, or enter a recurring payment reference if you've chosen a recurring payment webhook type.
  5. 5.
    Click the Send Test button.
​
Integrating With Your Game Server Or Website - Previous
Team Fortress 2
Next - Integrating With Your Game Server Or Website
Legacy Webhooks
Last modified 25d ago
Copy link
Contents
How To Setup Webhooks Endpoints
Handling Validation Webhooks
Verifying Webhook Authenticity
IP Address
Signature
Handling Webhooks
Payment Subject
Recurring Payment Subject
Testing Webhooks