Introduction
Receive real-time notifications about passport events and sync product data from your PIM.
EUlabel supports two directions of webhook communication:
- Inbound webhooks: Your PIM or CMS sends product updates to EUlabel, which automatically regenerates passports
- Outbound webhooks: EUlabel sends event notifications to your systems when passports change or scan thresholds are reached
How it works
Register an endpoint
Add your webhook URL in the EUlabel dashboard or via the API. You'll receive a signing secret for verification.
Choose your events
Subscribe to the events you care about: passport.created, passport.updated, scan.threshold, and more.
Verify and process
Validate the X-Webhook-Signature header on every request, then process the payload idempotently.
Best practices
- Verify signatures for every request.
- Respond with 2xx within 30s to avoid retries.
- Make handlers idempotent (safe to process the same event more than once).
Event types
item.update / item.create
Inbound — PIM/CMS pushes product updates to EUlabel
passport.created
Outbound — a new passport was published
passport.updated
Outbound — an existing passport was modified
passport.deleted
Outbound — a passport was removed
scan.threshold
Outbound — scan count crossed a configured threshold
Signature verification
Always verify webhook signatures before processing payloads. Unverified webhooks can be spoofed by an attacker to inject malicious data into your system.
All webhooks (inbound and outbound) include a cryptographic signature for verification:
X-Webhook-Signature: sha256=<HMAC-SHA256 of request body>Header names may differ slightly between inbound and outbound integrations. Always follow the exact header name documented on the specific inbound/outbound page.
See Inbound webhooks and Outbound webhooks for implementation details.