Skip to main content

Webhooks

Alguna provides webhooks to notify you about events that happen in your account. Use webhooks to receive real-time notifications when customers subscribe, invoices are paid, payments fail, and more.
Webhooks are delivered via Svix for reliable delivery with automatic retries.

Webhook Format

All webhooks follow the Standard Webhooks specification:

Supported Events


Event Payloads

Subscription Events

subscription.activated
subscription.updated Emitted when a top-level subscription attribute changes — name, contract dates, renewal settings, invoice settings, metadata, and similar. Pricing/version changes are not covered by this event; listen for subscription.version.updated for those.
subscription.version.updated Emitted when a specific subscription version is created, updated, or published. The payload is intentionally thin — only identifiers and status. Fetch the version by id if you need full details.
Version status values: draft, published Subscription status values: draft, active, canceled

Invoice Events

invoice.issued / invoice.paid

Payment Events

payment.created / payment.updated
Payment status values:
  • pending_client_action - Requires customer action
  • pending_authorization - Awaiting authorization
  • processing - Being processed
  • completed - Successfully processed
  • failed - Payment failed

Checkout Events

checkout.session.completed

Credit Events

account.credits.granted
account.credits.balance_depleted
Credit type values: monetary, units

Setting Up Webhooks

  1. Navigate to Settings → Webhooks in the dashboard
  2. Click Add Endpoint
  3. Enter your endpoint URL
  4. Select which events to receive
  5. Copy the signing secret for verification
  6. Save

Responding to Webhooks

Return a 2xx status code (200-299) within 15 seconds to acknowledge receipt. If using a framework with CSRF protection, disable it for your webhook endpoint.

Verifying Webhook Signatures

Always verify webhook signatures to ensure they’re from Alguna. Use the Svix SDK:
Headers used for verification:
  • svix-id
  • svix-timestamp
  • svix-signature
For complete documentation in all languages (Node.js, Python, Go, Ruby, Java, etc.), see the Svix verification guide.

Retry Policy

Failed webhook deliveries are retried with exponential backoff: If all attempts fail for 5 days, the endpoint is disabled.

IP Whitelist

If your endpoint is behind a firewall, allow these Svix IP addresses:

Best Practices

Respond Quickly

Return 2xx within 15 seconds. Process asynchronously if needed.

Handle Duplicates

Use event IDs for idempotency. Events may be delivered multiple times.

Verify Signatures

Always verify webhook signatures using the Svix SDK.

Log Everything

Log event IDs for debugging and audit trails.

Next Steps

Webhooks Quickstart

Step-by-step webhook integration guide.

Svix Documentation

Detailed Svix documentation.