Introduction

We have configured webhooks in Pleo. So, when an event is triggered in the Pleo platform, notifications are sent in real-time to external applications. For example, when the accounting data of a customer is exported to another application, the export-job.created event is triggered.
This generates a webhook notification, which is sent to the endpoint you have configured. This functionality ensures seamless integration, enhances data synchronisation across multiple applications, and automates workflows eliminating the need of manual intervention.

How Webhooks Function?

< Content to be added here >

Key Features of Pleo Webhooks

• Event subscription: If you are a Developer Partner, you can subscribe to specific events in Pleo for which you want to be notified. For example, you can subscribe to the export.job-created event that is triggered when the customer's accounting data is exported to an external application.
• Real-time notifications: When an event is triggered, it generates a webhook notification in real-time.
• Secure communication: All webhook notifications are sent over HTTPS to ensure secured data transmission.

How to Set Up Webhook Notifications?

Perform the following to configure webhook notifications:

1. Ensure access: To subscribe to specific webhook events, you need access to the relevant API. Also, if you would like to subscribe to export events, you must provide the scopes required to access the Export API.
2. Configure endpoints: You must configure the endpoint URL(s) to which you want to send the webhook notifications. For more information, see Configuring Receiving Endpoints.
3. Subscribe events: Select the specific events for which you want to send webhook notifications. You can create a new subscription request through the POST v1/webhooks endpoint. For more information, see Create Subscription for Webhooks.
4. Secure endpoints: We recommend that you set up verification for the incoming Pleo webhook notifications. This ensures protection from potential security threats. For more information, see Verifying Webhooks.

Configuring Receiving Endpoints

Configure the endpoints to which you want to send webhook notifications. These endpoints must conform with the following:

• Hypertext Transfer Protocol Secure (HTTPS) method
• Available in the public domain
• Accepts POST request with JSON payload

Verifying Webhooks

To ensure the authenticity of the webhook notifications generated from Pleo, we recommend you to verify the webhook signature specified in the request header. You can calculate the signature using your signing secret. For more information, see Svix Documentation on Webhook Verification. To perform manual authentication, see Verifying Webhooks Manually.

Source IP Addresses

If your receiving endpoint is protected by a firewall, ensure that the IP addresses listed here are whitelisted.

Configuring Webhooks During Integration

For providing an optimised experience to customers, we recommend that you configure webhook subscriptions during the integration set up. Send a request to the POST/v1 webhooks endpoint using the access token obtained during OAuth or the API key that the customer has provided.

Webhook Notifications

After you have created subscriptions for webhook notifications, the response message sent to the receiving endpoints contain a HTTPS header and a JSON payload.

⚠️

Note: Currently, Pleo supports only the export.job-created event. Here are the details:

API	Event Type	Description
Export API	export-job.created	This event is triggered when the customer's accounting data is exported to a third-party application.

Sample Response Message

JSON
    Event Headers:
    {
        "webhook-id":"1234",
        "webhook-timestamp":123434353535,
        "webhook-signature":"sdasddw"
    }
    Event Body:
    {
        "data": { ...payload },
        "eventType": "export.completed",
        "eventVersion": "1.0",
        "eventId": "1234"
    }`

Header

Response Payload

The response payload contains the following parameters: