Prerequisites
To gain access to the Levanta Webhooks you must have a valid API key, make sure you have followed the prerequisites as outlined in the Creator API Documentation
Introduction
Webhooks are a way to receive real-time updates from Levanta about activity happening in your account. Every time an event you are subscribed to occurs, Levanta will send your endpoint a request containing the event details. Follow the instructions below to get started!
Getting Started
To get started with Levanta Webhooks, you can visit https://app.levanta.io/creator/settings/api and click “Create Endpoint”. An endpoint is a specific destination, owned by you, that is ready to receive webhook events from Levanta. Enter the URL and choose the events that you would like to subscribe to.
Security (Recommended)
Levanta implements a Hash-based message authentication code (HMAC) to help you verify requests are really coming from Levanta’s severs. Levanta will provide a secret key, available in the webhook dashboard, that you may use for this verification process. To verify Levanta webhooks, follow the following steps for each request:
- Read the
x-levanta-hmac-sha256header from the given request. - Create a sha-256 hash of the full request body sent by Levanta using the webhook secret key
- Encode the sha-256 hash into hex
- Compare the generated hex code with the header given by Levanta, if they match, your request is verified.
Here’s some example code in Node.js:
import { createHmac, timingSafeEqual } from 'crypto';
import { IncomingMessage } from 'http';
import { buffer } from 'micro';
const LEVANTA_WEBHOOK_SECRET = 'test-secret';
const verifyLevantaWebhook = async (req: IncomingMessage) => {
const rawRequestBody = await buffer(req);
const levantaHmacHeader = req.headers['x-levanta-hmac-sha256'];
const signature = createHmac('sha256', LEVANTA_WEBHOOK_SECRET).update(rawRequestBody).digest('hex');
const trusted = Buffer.from(signature, 'utf-8');
const untrusted = Buffer.from(levantaHmacHeader, 'utf-8');
return timingSafeEqual(trusted, untrusted);
};
Event Documentation
link.disabled
This event is sent whenever a previously active link has been disabled. This can happen when a brand removes a product from the Levanta marketplace, or has left Levanta altogether. It may also occur when a Creator manually disables a link.
Payload:
{
"id": "f389f591-605b-414a-a723-91facb51496d",
"type": "link.disabled",
"created": 1697129696444,
"version": "1.0.0",
"data": {
"id": "lv_test_M46DpmeyOqlpzWihYO",
"url": "https://amazon.com/dp/B0BCYQL76Z?maas=maas_adg_api_92bb60a2-b343-4f3b-8e19-91edabf8d162_static_9_129&ref_=aa_maas&tag=maas&aa_campaignid=lv_test_jFQX40OTtAmtuDRdz2&aa_adgroupid=lv_test_M46DpmeyOqlpzWihYO&aa_creativeid=lv_test_3Lzv1xNujctNkMU2Ie&m=e113ee5e-e7ee-4351-8786-e70fe5af3f1f",
"active": false,
"object": "link",
"sourceId": "my-source-id...",
"sourceName": "my-source-name...",
"sourceSubId": "my-sub-id..."
}
}
product.access.gained
This event is sent when you gain access to a product. This means you are able to create a link for the product.
Payload:
{
"id": "f389f591-605b-414a-a723-91facb51496d",
"type": "product.added",
"created": 1697129696444,
"version": "1.0.0"
"data": {
"object": "product",
"asin": "AAAAAAAAAA",
"marketplace": "amazon.com",
"commission": 0.10,
"pricing": {
"currency": "USD",
"price": 10.99,
},
}
}
product.removed
This event is sent when a product is removed from the Levanta catalog. You may or may not have access to it.
Payload:
{
"id": "f389f591-605b-414a-a723-91facb51496d",
"type": "product.removed",
"created": 1697129696444,
"version": "1.0.0"
"data": {
"object": "product",
"asin": "AAAAAAAAAA",
"marketplace": "amazon.com",
"commission": 0.10,
"pricing": {
"currency": "USD",
"price": 10.99,
},
}
}