Webhooks
Real-time event notifications • Secure & Reliable
Receive instant notifications when important events occur in your insurance workflow
Real-time
Events delivered within seconds
Verified
HMAC signature verification
Automatic Retry
Smart retry with backoff
Event History
30-day webhook log retention
Available Events
quote.createdA new insurance quote has been generated
quote.expiredA quote has expired without being purchased
policy.purchasedA new policy has been successfully purchased
policy.activatedPolicy coverage has become active
policy.expiredPolicy coverage has expired
policy.cancelledA policy has been cancelled
policy.updatedPolicy details have been modified
claim.submittedA new claim has been submitted
claim.approvedA claim has been approved for payment
claim.deniedA claim has been denied
payment.succeededPayment has been successfully processed
payment.failedPayment processing has failed
HiQor Partners Only
HiQor Partner Events
Real-time notifications for partner management and revenue tracking
partner.signupHiQorNew partner has registered in the system
Payload: partner_id, name, email, business_type, status
partner.activatedHiQorPartner completed onboarding and is now active
Payload: partner_id, microsite_url, activated_at, contracts_signed
partner.deactivatedHiQorPartner account has been deactivated
Payload: partner_id, reason, deactivated_at
commission.earnedHiQorCommission credited from policy sale
Payload: partner_id, policy_id, amount, hiqor_share, partner_share
payout.readyHiQorPartner payout is ready for distribution
Payload: partner_id, amount, period_start, period_end, breakdown
payout.processedHiQorPayout has been marked as processed
Payload: partner_id, payout_id, amount, processed_at, reference
microsite.createdHiQorNew microsite provisioned for partner
Payload: microsite_id, partner_id, slug, url, qr_code_url
microsite.updatedHiQorMicrosite branding or settings updated
Payload: microsite_id, partner_id, changes
Revenue Split: Commission events include both HiQor share (70%) and Partner share (30%) for easy reconciliation with your accounting systems.
Setup Guide
webhook-setup.js
// 1. Configure Webhook Endpoint in Dashboard
// Navigate to Settings → Webhooks → Add Endpoint
{
"url": "https://your-site.com/api/webhooks/insurance",
"events": [
"policy.purchased",
"policy.cancelled",
"claim.submitted",
"payment.succeeded"
],
"secret": "whsec_abc123xyz789" // Auto-generated signing secret
}
// 2. Verify webhook signature for security
import crypto from 'crypto'
function verifyWebhookSignature(payload, signature, secret) {
const expectedSignature = crypto
.createHmac('sha256', secret)
.update(payload)
.digest('hex')
return crypto.timingSafeEqual(
Buffer.from(signature),
Buffer.from(expectedSignature)
)
}
// 3. Handle webhook in your API endpoint
export async function POST(request) {
const payload = await request.text()
const signature = request.headers.get('x-dei-signature')
const secret = process.env.WEBHOOK_SECRET
// Verify signature
if (!verifyWebhookSignature(payload, signature, secret)) {
return new Response('Invalid signature', { status: 401 })
}
const event = JSON.parse(payload)
// Process the event
switch (event.type) {
case 'policy.purchased':
await handlePolicyPurchased(event.data)
break
case 'claim.submitted':
await handleClaimSubmitted(event.data)
break
// ... handle other events
}
return new Response('Success', { status: 200 })
}Payload Examples
Policy Purchased Event
policy-purchased.json
// policy.purchased event payload
{
"id": "evt_abc123xyz",
"type": "policy.purchased",
"created": "2026-06-15T14:35:00Z",
"livemode": true,
"data": {
"policy": {
"id": "pol_xyz789abc",
"policy_number": "DEI-2026-08-001234",
"status": "active",
"premium": 245.00,
"coverage_start": "2026-08-15T00:00:00Z",
"coverage_end": "2026-08-16T05:59:59Z",
"event": {
"type": "wedding_reception",
"date": "2026-08-15",
"venue": "Grand Ballroom",
"guests": 150
},
"coverage": {
"general_liability": 1000000,
"property_damage": 50000,
"liquor_liability": true,
"cancellation": true
},
"insured": {
"name": "Jane Smith",
"email": "jane@example.com",
"phone": "+1-555-0123"
},
"documents": {
"certificate": "https://docs.dailyeventinsurance.com/cert/pol_xyz789abc.pdf",
"policy": "https://docs.dailyeventinsurance.com/policy/pol_xyz789abc.pdf"
}
}
}
}Claim Submitted Event
claim-submitted.json
// claim.submitted event payload
{
"id": "evt_def456uvw",
"type": "claim.submitted",
"created": "2026-08-20T10:15:00Z",
"livemode": true,
"data": {
"claim": {
"id": "clm_789xyz123",
"claim_number": "CLM-2026-001234",
"status": "submitted",
"policy_id": "pol_xyz789abc",
"policy_number": "DEI-2026-08-001234",
"amount_claimed": 15000.00,
"incident_date": "2026-08-15",
"incident_description": "Vendor cancellation due to emergency",
"category": "cancellation",
"submitted_by": {
"name": "Jane Smith",
"email": "jane@example.com",
"phone": "+1-555-0123"
},
"documents": [
{
"type": "receipt",
"url": "https://claims.dailyeventinsurance.com/doc/abc123.pdf"
},
{
"type": "vendor_cancellation",
"url": "https://claims.dailyeventinsurance.com/doc/def456.pdf"
}
],
"submitted_at": "2026-08-20T10:15:00Z"
}
}
}Implementation Examples
Express.js Handler
express-webhook.js
// Express.js webhook handler
const express = require('express')
const crypto = require('crypto')
const app = express()
// Use raw body for signature verification
app.post('/api/webhooks/insurance',
express.raw({ type: 'application/json' }),
async (req, res) => {
const signature = req.headers['x-dei-signature']
const payload = req.body.toString()
// Verify signature
const expectedSig = crypto
.createHmac('sha256', process.env.WEBHOOK_SECRET)
.update(payload)
.digest('hex')
if (signature !== expectedSig) {
return res.status(401).send('Invalid signature')
}
const event = JSON.parse(payload)
try {
switch (event.type) {
case 'policy.purchased':
// Update your database
await db.bookings.update({
where: { id: event.data.policy.metadata.booking_id },
data: {
insurancePolicy: event.data.policy.policy_number,
insuranceStatus: 'active'
}
})
// Send confirmation email
await sendEmail({
to: event.data.policy.insured.email,
subject: 'Insurance Coverage Confirmed',
template: 'insurance-confirmation',
data: event.data.policy
})
break
case 'claim.submitted':
// Notify admin team
await notifyAdminTeam({
type: 'new_claim',
claimNumber: event.data.claim.claim_number,
amount: event.data.claim.amount_claimed
})
break
case 'payment.failed':
// Handle failed payment
await handlePaymentFailure(event.data.payment)
break
}
res.status(200).send('Success')
} catch (error) {
console.error('Webhook processing error:', error)
res.status(500).send('Internal server error')
}
}
)
app.listen(3000)Next.js API Route
route.ts
// Next.js API Route (app/api/webhooks/insurance/route.ts)
import { NextRequest } from 'next/server'
import crypto from 'crypto'
export async function POST(request: NextRequest) {
const payload = await request.text()
const signature = request.headers.get('x-dei-signature')
// Verify webhook signature
const expectedSignature = crypto
.createHmac('sha256', process.env.WEBHOOK_SECRET!)
.update(payload)
.digest('hex')
if (signature !== expectedSignature) {
return new Response('Invalid signature', { status: 401 })
}
const event = JSON.parse(payload)
// Handle the event
switch (event.type) {
case 'policy.purchased':
await handlePolicyPurchased(event.data.policy)
break
case 'claim.submitted':
await handleClaimSubmitted(event.data.claim)
break
default:
}
return new Response('Success', { status: 200 })
}
async function handlePolicyPurchased(policy: any) {
// Update your database
const booking = await prisma.booking.update({
where: { id: policy.metadata.booking_id },
data: {
insurancePolicyId: policy.id,
insurancePolicyNumber: policy.policy_number,
insuranceStatus: 'active',
insurancePremium: policy.premium
}
})
// Send notifications
await sendInsuranceConfirmation(booking, policy)
}
async function handleClaimSubmitted(claim: any) {
// Create claim record in your system
await prisma.claim.create({
data: {
claimId: claim.id,
claimNumber: claim.claim_number,
policyId: claim.policy_id,
amount: claim.amount_claimed,
status: claim.status,
submittedAt: new Date(claim.submitted_at)
}
})
// Notify admins
await notifyAdminsOfNewClaim(claim)
}Retry Policy
Automatic Retry with Exponential Backoff
If your endpoint returns a non-2xx status code, we'll automatically retry with increasing delays
1st
ImmediateInitial delivery attempt
2nd
1 minuteFirst retry after failure
3rd
5 minutesSecond retry with backoff
4th
30 minutesThird retry with longer delay
5th
2 hoursFourth retry before giving up
Final
24 hoursLast attempt, then marked as failed
Security Best Practices
- Always verify the webhook signature before processing events
- Use HTTPS endpoints only - HTTP endpoints will be rejected
- Store webhook secrets securely in environment variables
- Return 200 status quickly, then process events asynchronously
- Implement idempotency to handle duplicate events gracefully
- Log all webhook events for debugging and audit purposes
Testing Webhooks
Use our webhook testing tools in the dashboard to:
- •Send test events to your endpoint
- •View webhook delivery history and responses
- •Manually retry failed webhook deliveries
- •Monitor webhook success rates and latency
Need Help with Webhooks?
Our technical team can help you set up and troubleshoot webhook integrations