Printify's API allows consumers to register webhooks which will receive important events, such as product shipping + delivery. If you are not familiar with webhooks: a webhook is a callback endpoint which a service can call to notify a system of some event. In this case, it will be one or more webhooks which will be invoked by Printify when an event such as the ones listed above happen. Once your webhook is invoked, you can grab the data and perform some action, such as sending out emails and writing logs.
Printify's API documentation on webhooks, which can be found here, is a bit unclear when it comes to the process of initially creating a webhook in a secure manner. As of the time of writing this article, the documentation only provides a piece of sample code in Python and does not explain the overall process. Thus, it took us some analysis and research to discover how to actually implement this on our website, which is built in Node JS. The sections below will outline the approach we've discovered for creating secure webhooks.
Before outlining the process of creating and maintaining webhooks, we will need to review the lifecycle of a webhook:
The process of creating + validating webhook secrets can be a bit tricky, so the following sections will outline exactly how to do this.
In order to leverage Printify's webhook functionality, you must define an endpoint to receive the webhook event. We recommend creating one endpoint for each type of event. Printify's API documentation provides the different types of events it can send data for and the schema for each request type. Before creating the webhook, you will need to determine what the url of the webhook itself will be which you will create.
To create the webhook, we will need to generate a secret token. Instructions are provided below:
Open a command line terminal and run the following command:
Windows does not have the 'openssl' program installed by default, but if you have already installed Git, it contains a copy of the program in its Program Files, which can be used as follows:
The program will output some random string which can be used as the secret token.
To register the webhook with Printify, we will take our secret key, webhook endpoint path, and topic for this webhook, and send it to Printify's API. The full list of topics is available in their API documentation. The method below is a modified version of what we use on our own website inside of an object which manages webhooks. Note: once the webhook is registered with some secret key, you will need to save that key somewhere to be used for webhook validations, as described later in this article.
When the webhook is created, Printify will return some ID for that webhook. This ID should be recorded for future use in case the webhook needs to be updated or deleted.
When a webhook event is received, we will want to validate it using our secret token to ensure the event is legitimate. To do this, you will need the following data each time a webhook is invoked:
We will not go into detail on the underlying mechanics, but the webhook can be validated in this manner:
When an event is invoked, the method above should be invoked before any action is taken. Note that it is asynchronous, so we will need an await in front, or a .then afterwords; otherwise, the system will not validate properly.
Modifying and deleting webhooks is relatively straightforward. It can be done in the same way webhooks are created with the following differences:
Printify's API will allow you to create multiple webhooks for the same topic. Therefore, if you implement functionality to have your system automatically create endpoints, you will need to ensure you do not create duplicate registrations. There are two ways you can achieve this:
The points below are based on our own observations of Printify's behavior:
Congrats, you made it to the end of the article! We think one of these articles below might be a good next step along your journey:
Feel free to check out some of our merch while you're here!
Thanks for reading! This page was last updated on 12/19/2021
Follow us on social media for updates and new dev pages and to help support our brand!
Fill out the form below and we'll send you an email reminder to visit this page again:
We've saved your reminder and will send you an email when the time comes.
Unfortunately, there was an error saving your reminder. Please try again.