# Webhooks

{% hint style="info" %}
This feature is only available for our Enterprise customers. For more information, please contact us at <enterprise@countercyclical.io> or [schedule an enterprise demo](https://cal.com/countercyclical/enterprise-demo)
{% endhint %}

## What are Webhooks?

Webhooks are user-defined HTTP callbacks that are triggered by specific events on the platform. When such an event occurs, the platform makes an HTTP POST request to the URL you have configured for the webhook. This allows you to receive immediate notifications and take appropriate actions based on the event data.

## Adding a Webhook <a href="#best-practices" id="best-practices"></a>

{% hint style="info" %}
We allow you to test your webhooks right in Countercyclical with [Svix Play](https://www.svix.com/play/)
{% endhint %}

### **Create a Webhook URL**

First, you need to set up a URL on your server that can accept incoming HTTP POST requests. This URL will be the endpoint that our platform sends webhook events to.

To register a webhook, follow these steps:

### **Navigate to the Webhooks Section**

* Log in to your Enterprise account on the platform.
* Go to the `Settings > Workspace > Advanced > Developers`
* Scroll to the `Webhooks` section.

### **Create a New Webhook**

* Click on the `Create Webhook` button.
* Fill in the required details:
  * **Name:** A name for your webhook (e.g., "New Report Published")
  * **URL:** The subscriber endpoint URL where you want to receive the webhook events
  * **Events:** Select the events you want to subscribe to

### **Save the Webhook:**

* Once you have filled in all the details, click `Save`.

### Managing Webhooks

You can manage your webhooks through the platform's Webhooks section:

* **Edit Webhooks:** Modify the details of an existing webhook (e.g., change the URL or events).
* **Delete Webhooks:** Remove a webhook if you no longer need it.
* **View Logs:** Access logs to see the history of webhook events sent to your endpoint.

## Supported Events and Example <a href="#best-practices" id="best-practices"></a>

{% hint style="info" %}
This section may be updated at any point in the future. We try to keep our webhook events close to/at parity with the generally available <mark style="color:orange;">`PUT`</mark>, <mark style="color:green;">`POST`</mark>, and/or <mark style="color:red;">`DELETE`</mark>  REST API endpoints you'd find in [endpoints](https://docs.countercyclical.io/developers/endpoints "mention")

Please feel free to reach out to us at <feedback@countercyclical.io> if you have any questions or suggestions
{% endhint %}

Below you can find an example of what a common payload will look like, along with the supported events we have on Countercyclical.

### Supported Events

{% hint style="warning" %}
Like API Keys, Webhooks created on the platform are scoped based on the user's permission in the workspace.&#x20;

For the greatest possible visibility across all supported events, we'd recommend having a workspace owner or admins create & manage webhooks. For more information on roles, please see [permissions](https://docs.countercyclical.io/fundamentals/settings/workspace/permissions "mention")
{% endhint %}

Here is a list of supported webhook events across the platform:

* `investment.created` : Action taken when an [Investment](https://docs.countercyclical.io/fundamentals/investments) is created
* `investment.updated`: Action taken when an [Investment](https://docs.countercyclical.io/fundamentals/investments) is updated
* `investment.deleted`: Action taken when an [Investment](https://docs.countercyclical.io/fundamentals/investments) is deleted
* `valuation.created`: Action taken when a [Valuation](https://docs.countercyclical.io/fundamentals/valuations) is created
* `valuation.updated`: Action taken when a [Valuation](https://docs.countercyclical.io/fundamentals/valuations) is updated
* `valuation.deleted`: Action taken when a [Valuation](https://docs.countercyclical.io/fundamentals/valuations) is deleted
* `memo.created`: Action taken when a [Memo](https://docs.countercyclical.io/fundamentals/memos) is created
* `memo.updated`: Action taken when a [Memo](https://docs.countercyclical.io/fundamentals/memos) is updated
* `memo.deleted`: Action taken when a [Memo](https://docs.countercyclical.io/fundamentals/memos) is deleted
* `team.created`: Action taken when a [Team](https://docs.countercyclical.io/fundamentals/teams) is created
* `team.updated`: Action taken when a [Team](https://docs.countercyclical.io/fundamentals/teams) is updated
* `team.deleted`: Action taken when a [Team](https://docs.countercyclical.io/fundamentals/teams) is deleted
* `assumption.created`: Action taken when an [Assumption](https://docs.countercyclical.io/fundamentals/valuations/assumptions) is created
* `assumption.updated`: Action taken when an [Assumption](https://docs.countercyclical.io/fundamentals/valuations/assumptions) is updated
* `assumption.deleted`: Action taken when an [Assumption](https://docs.countercyclical.io/fundamentals/valuations/assumptions) is deleted
* `pipeline.created`: Action taken when a [Pipeline](https://docs.countercyclical.io/fundamentals/pipelines) is created
* `pipeline.updated`: Action taken when a [Pipeline](https://docs.countercyclical.io/fundamentals/pipelines) is updated
* `pipeline.deleted`: Action taken when a [Pipeline](https://docs.countercyclical.io/fundamentals/pipelines) is deleted

{% hint style="info" %}
Update events (e.g. `*.updated`) may only capture top-level updates to the core resource in question based on how our system is set up. If there's a particular event you're looking to capture, it may require an additional event to be created for your use case(s).

Please reach out to us as <feedback@countercyclical.io> if you'd like to see us add any additional events
{% endhint %}

### Payload Example

```json
{
    "id": "msg_1srOrx2ZWZBpBUvZwXKQmoEYga2",
    "eventId": "DUZOjLYj5BwYP6SKfCFbloaX",
    "eventType": "investment.created",
    "timestamp": "2024-11-19 08:29:33.26-06",
    "workspaceId": "7WLHlmQyWCsv1xocMkXK-L4A",
    "applicationId": "TXH5g6eH5pOlozDp0PjMeDYh",
    "payload": {
        "id": "xH6_TtItZImSpCghKUR-FiOP",
        "tickerSymbol": "KO",
        "name": "Coca-Cola Co",
        "description": "The Coca-Cola Company is an American multinational corporation founded in 1892, best known as the producer of Coca-Cola. The drink industry company also manufactures, sells, and markets other non-alcoholic beverage concentrates and syrups, and alcoholic beverages.",
        "address": "1 Coca Cola Plz NW",
        "country": "US",
        "cik": "0000021344",
        "lei": "UWJKFUJFZ02DKWI3RY53",
        "figi": "BBG000BMX4N8",
        "foundingDate": "1892",
        "ipoDate": "1919",
        "headquarters": "Atlanta, GA",
        "ceo": "James Quincey",
        "employees": 82500,
        "exchange": "NYSE",
        "industry": "Beverages",
        "sector": "Manufacturing",
        "issuance": "cs",
        "website": "https://www.coca-colacompany.com",
        "tags": ["Consumer Non-Durables", "Beverages: Non-Alcoholic", "Manufacturing", "Soft Drink Manufacturing"],
        "createdAt": "2024-08-24T15:26:19.628Z",
        "updatedAt": "2024-08-24T15:26:19.628Z",
        "editedName": "Coca-Cola Co",
        "financingType": "Equity",
        "marketType": "Public",
        "type": "Personal",
        "visibility": "Private",
        "isFavorite": false,
        "isLocked": false,
        "isArchived": false,
        "bannerImage": null,
        "clearbit": {...}
    }
}
```

## Best Practices <a href="#best-practices" id="best-practices"></a>

### Securing your Webhook Endpoints <a href="#best-practices" id="best-practices"></a>

To ensure the security of your webhook, consider the following:

* **Validate the Source:** Verify that the incoming requests are actually coming from our platform. This can be done by checking the request headers or using a shared secret.
* **Use HTTPS:** Ensure your webhook URL uses HTTPS to encrypt the data in transit.
* **Rate Limiting:** Implement rate limiting to prevent abuse of your webhook endpoint.