What are endpoints?
Your customers need to expose an API route where you can send webhooks which we refer to as endpoints. While you can start sending webhooks before you define an endpoint, we strongly recommend you to create one for the following reasons:
- HMAC signature: Each endpoint has a secret associated with it which is required for computing the HMAC signature to be placed in the header in order to prove that the webhook came from a verified sender. This secret is supposed to be shared with the endpoint owner so that they can verify whether the webhook was received. One endpoint’s secret must not be shared with another endpoint owner.
- Apply rate limits: An endpoint must be defined in order to apply rate limits while hitting the endpoint.
- Include specific headers: There could be come headers like authentication headers which are tied to a particular endpoint which have to be sent whenever a webhook is sent.