Infrastructure Update - Action Required by June 9, 2025We are updating the list of IP addresses used by our webhook service as part of our ongoing efforts to enhance infrastructure security and reliability.What’s Changing:
- A new set of IP addresses will be introduced for webhook traffic
- Current IP addresses will be deprecated and stop working after June 9, 2025
New IP Addresses by Region
Region: Asia Pacific (Singapore)
Need Help? If you have questions or need assistance with the IP address update, contact our support team at [email protected] or submit a request through the social.plus Help Center.
Overview
Webhook Events provide a powerful way to extend social.plus functionality by receiving real-time triggers from the platform. When enabled, events from your Chat and Social SDK are forwarded to your system instantly, enabling custom integrations and automation.Real-Time Analytics
Store webhook events to build custom analytics dashboards and track user engagement patterns
Content Moderation
Build automated message moderation and user management systems with instant event notifications
Search & Personalization
Create custom search and personalization features based on real-time user activity data
Custom Integrations
Integrate with external systems and build custom workflows triggered by platform events
How Webhooks Work
Webhook vs Traditional API: Unlike traditional APIs where your application makes requests to receive responses, webhooks are “reverse APIs” where social.plus initiates communication by sending data to your system as soon as events occur.
Event-Driven Architecture
Event Triggers
Event Triggers
Real-Time Delivery
- Events are triggered instantly when actions occur in your social.plus application
- HTTP POST payloads sent to your configured webhook URLs
- Near-real-time delivery for immediate response capabilities
- User actions (posts, comments, reactions)
- Chat messages and channel events
- Community and social interactions
- Moderation and safety events
Webhook Characteristics
Webhook Characteristics
Performance Considerations
- All webhook requests timeout in 1.5 seconds
- Your webhook endpoint must respond within this interval
- System should return HTTP 200 status with empty JSON response
- Automatic retry mechanisms for failed deliveries
- Signature verification for security
- Scalable infrastructure for high-volume events
Setup and Configuration
1
Enable Webhook Feature
Submit a request through our support team to enable webhooks (currently in Private Beta). Processing takes approximately 5 business days.
2
Configure Webhook URLs
Admin users can create and manage webhooks in the admin panel:
- Add webhook URLs for event delivery
- Configure event types and filters
- Set up authentication and security
3
Implement Webhook Receiver
Build your webhook endpoint to:
- Accept HTTP POST requests
- Verify webhook signatures
- Process events and respond within 1.5 seconds
4
Test and Monitor
Test your webhook implementation and monitor delivery success rates and response times
Configuration Limits
Webhook Limit
Maximum 10 webhooks per networkRecommended to keep webhook count reasonable for optimal performance and management
Response Time
1.5 second timeoutEnsure your webhook endpoint responds quickly to prevent request timeouts and delivery failures
Security and Authentication
Signature Verification
Security Requirement: Always verify the
x-amity-signature header before processing webhook events to prevent request forgery and ensure data integrity.Delivery Headers
All webhook HTTP POST requests include these headers:| Header | Description |
|---|---|
x-amity-signature | HMAC Base64 digest of the response body using SHA-256 hash function |
User-Agent | Identifies the webhook delivery system |
Content-Type | Always application/json |
Content-Length | Size of the JSON payload |
Available Events
Complete Event Reference: For a full list of available webhook events and their detailed payload structures, please check our API Reference documentation.
Event Categories
Chat Events
Chat Events
Channel Events
channel.didCreate- New channel createdchannel.didUpdate- Channel settings updatedchannel.didDelete- Channel deleted
message.didCreate- New message sentmessage.didUpdate- Message editedmessage.didDelete- Message deletedmessage.didFlag- Message flagged for moderation
Social Events
Social Events
User Events
User Events
User Actions
user.didCreate- New user registereduser.didUpdate- User profile updateduser.didFollow- User followed another useruser.didJoinCommunity- User joined community
user.didFlag- User reported/flaggeduser.didBan- User banned from platformuser.didUnban- User ban lifted
Best Practices
Security
Always Verify Signatures
- Implement signature verification for all webhooks
- Use constant-time comparison to prevent timing attacks
- Keep webhook secrets secure and rotate regularly
- Log suspicious or invalid requests
Performance
Optimize Response Times
- Respond within 1.5 seconds to prevent timeouts
- Process events asynchronously when possible
- Implement proper error handling and logging
- Monitor webhook performance and delivery rates
Reliability
Handle Failures Gracefully
- Implement retry logic for failed processing
- Handle duplicate events appropriately
- Store events for replay in case of system failures
- Monitor webhook health and alert on issues
Scalability
Design for Scale
- Use queues for high-volume event processing
- Implement rate limiting and backpressure handling
- Scale webhook endpoints horizontally
- Cache frequently accessed data
Troubleshooting
Common Issues
Common Issues
Webhook Not Receiving Events
- Verify webhook URL is accessible from social.plus servers
- Check firewall rules allow traffic from social.plus IP addresses
- Ensure webhook endpoint responds with HTTP 200 status
- Verify webhook is properly configured in admin panel
- Confirm you’re using the correct webhook secret
- Verify signature calculation matches expected format
- Check for character encoding issues in payload
- Ensure raw request body is used for signature verification
Performance Issues
Performance Issues
Timeout Problems
- Optimize webhook handler for sub-1.5 second response
- Move heavy processing to background jobs
- Implement proper database connection pooling
- Add monitoring and alerting for response times
- Implement event queuing and batch processing
- Scale webhook endpoints horizontally
- Use caching for frequently accessed data
- Consider implementing backpressure mechanisms
Debugging Tips
Debugging Tips
Testing Webhooks
- Use tools like ngrok for local development testing
- Implement comprehensive logging for webhook events
- Test with different event types and payloads
- Monitor webhook delivery success rates
- Set up alerts for webhook failures
- Monitor response times and error rates
- Log all webhook events for debugging
- Implement health checks for webhook endpoints
Getting Started: Start with a simple webhook handler that logs all events, then gradually add processing logic for specific event types relevant to your use case.
Comment Eventspost.didCreate- New post publishedpost.didUpdate- Post editedpost.didDelete- Post deletedpost.didReact- Reaction added to postcomment.didCreate- New comment addedcomment.didUpdate- Comment editedcomment.didDelete- Comment deleted