Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.sellfern.com/llms.txt

Use this file to discover all available pages before exploring further.

Webhooks allow event-driven integrations for order, item, fulfillment, and catalog workflows when the relevant webhook endpoints and events are present in the V1 API Reference. Webhook management writes use the same public write safety rules as other mutation endpoints: include an Idempotency-Key, retry uncertain network or 5xx failures with the same key, and treat 422 idempotency_conflict as a signal that the key was reused with a different request body.

Events

Available webhook events are listed in the V1 API Reference. Treat events absent from the API Reference as unavailable for public integrations.

Signature verification

Verify the webhook signature before trusting the payload. Reject events with missing or invalid signature data according to the signature scheme documented in the V1 API Reference.

Delivery retries

If your endpoint returns a non-2xx response or times out, Sellfern may retry delivery. Process events idempotently using the event ID so repeated deliveries do not duplicate work.

Example payload

{
  "id": "evt_01HX...",
  "type": "order.updated",
  "created_at": "2026-05-23T12:00:00.000Z",
  "organization_id": "org_123",
  "data": {
    "order_id": "ord_123"
  }
}

Safety checklist

  • Verify webhook signatures before trusting the payload; reject events with missing or invalid signature data.
  • Verify event ownership and organization isolation before mutating local state.
  • Return a successful response only after the event is accepted for processing.
  • Make event processing idempotent in your own system.
  • Rotate webhook secrets if exposure is suspected.

Source of truth

Use the API Reference to confirm which webhook management endpoints and event payloads are V1-ready. If a webhook endpoint or event is absent from the V1 API Reference, treat it as unavailable for public integrations.