Webhooks

Signature header format

X-TT-Signature: t=<unix_ts>,v1=<hex hmac_sha256(secret, t + "." + body)>

2s → 10s → 1m → 5m → 30m → 2h → 6h → 24h

Signs a sample ShipmentEvent locally so you can verify the signature format without hitting an upstream endpoint.

Target URL

The HTTPS endpoint that will receive the signed webhook payload. Use https:// in production; http://localhost is allowed for local testing.

Signing secret

The whsec_ secret from your webhook configuration. Used to compute the HMAC-SHA256 signature header.

Event typePayload73/5000