Using Productive's open API you can create custom integrations with various other apps. To automate that process, you can use webhooks.
With webhooks, instead of fetching data manually, you can subscribe to certain events when triggered.
For example, you can notify your application when you create a deal, delete an invoice or update a time entry.
Adding a Webhook
For the initial setup, go to Settings > Webhooks

Next, click on Add Webhook:

Data will be pushed to the desired destination you can enter in Target URL.
Add the name of the integration and select an event to trigger it under Fire After Event:

Click on Add Webhook to create the integration.
In the same menu, you can check the number of created webhooks. You can also edit and delete the webhook, or check its status by clicking on the name.

Webhooks Retry
For all webhook executions which do not respond with status code 2xx, the webhook will retry with 25 more executions for the next 48 hours.
If three sequential events are unsuccessful, the integration will be deactivated.
To learn more, visit our Developer Site.
Webhooks list
The following webhooks are currently available in Productive:
Booking created
Booking deleted
Booking edited
Budget created
Budget deleted
Budget edited
Company archived
Company created
Company updated
Deal created
Deal deleted
Deal updated
Expense created
Expense deleted
Expense updated
Invoice created
Invoice deleted
Invoice updated
Payment created
Payment deleted
Payment updated
Person archived
Person created
Person updated
Project created
Project deleted
Project updated
Task created
Task deleted
Task updated
Time entry created
Time entry deleted
Time entry updated
Security and verification
Our webhooks use a signature in the webhook header for verification. In headers under 'Productive-Signature' you can find timestamp (in seconds) as a string prefixed with "t=
" and signature prefixed with "s=
". For example:
t=1629793288,s=280f5edcdb917262c25ec0e58944a97a0420cb4bac7e7eab0e8553b265772d2e
The signature is an HMAC with the SHA256 hash function. To verify the signature you should compute HMAC with webhook secret and string that is created concatenating:
the timestamp (in seconds as a string)
the character
.
the JSON payload (the request body) of the webhook
Then compare the signature in the header with the generated signature. When they match, the webhook is verified.
You can find the webhooks secret in Productive under webhook logs in the top right corner of the screen:
