Skip to main content

Overview

Webhooks allow your application to receive real-time notifications when events occur in Grantex. The webhooks client manages webhook endpoint registrations, and the verify_webhook_signature() function validates incoming payloads. Access the webhooks client via client.webhooks.

Create

Register a new webhook endpoint that will receive event notifications:

Parameters

All parameters are keyword-only.

Returns

A WebhookEndpointWithSecret dataclass. The secret field is only returned at creation time — store it securely for signature verification.

Supported Events

List

List all registered webhook endpoints:

ListWebhooksResponse

WebhookEndpoint

Delete

Remove a webhook endpoint:

Verify Webhook Signatures

When your server receives a webhook payload, verify the signature to ensure it was sent by Grantex and has not been tampered with.

Import

Usage

Parameters

Returns

True if the signature is valid, False otherwise.

How It Works

The signature is computed as sha256=<hex-digest> using HMAC-SHA256 with the webhook secret as the key and the raw request body as the message. The verification uses constant-time comparison to prevent timing attacks.

Full Example

Last modified on February 28, 2026