Using Productive's open API you can create custom integrations with various other apps. To automate that process, you can use webhooks.
With webhooks, instead of fetching data manually, you can subscribe to certain events when triggered.
For example, you can notify your application when you create a deal, delete an invoice, or update a time entry.
Adding a Webhook
For the initial setup, go to Settings > Webhooks
Next, click on Add Webhook:
Data will be pushed to the desired destination you can enter in Target URL.
Add the name of the integration and select an event to trigger it under Fire After Event:
Click on Add Webhook to create the integration.
In the same menu, you can check the number of created webhooks. You can also edit and delete the webhook, or check its status by clicking on the name.
For all webhook executions that do not respond with status code 2xx, the webhook will retry with 12 more executions for the next 48 hours.
If three sequential events are unsuccessful, we will send a message to you, and after 12 unsuccessful tries, we will deactivate the webhook.
Retries are sent every 12 hours.
To learn more, visit our Developer Site.
The following webhooks are currently available in Productive:
Time entry created
Time entry deleted
Time entry updated
Testing the webhook
After the webhook has been created, you can also test it by sending a sample webhook and see if everything is working as expected:
From the same menu, you can also add Custom headers that will contain additional information:
Security and verification
Our webhooks use a signature in the webhook header for verification. In headers under 'Productive-Signature' you can find timestamp (in seconds) as a string prefixed with "
t=" and signature prefixed with "
s=". For example:
The signature is an HMAC with the SHA256 hash function. To verify the signature you should compute HMAC with webhook secret and string that is created concatenating:
the timestamp (in seconds as a string)
the JSON payload (the request body) of the webhook
Then compare the signature in the header with the generated signature. When they match, the webhook is verified.
You can find the webhooks secret in Productive under webhook logs in the top right corner of the screen: