All the available webhook's event are listed in List Webhook Event.

When signature_token is given you can use the webhook header webhook-signature to check the integrity of the request. If the raw body hashed in sha256 with your signature_token as key is different of webhook-signature header, the request is corrupted.

Code exemple :

import hmac
import hashlib

header['webhook-signature'] ==, raw_body, hashlib.sha256).digest()

List of errors

All errors will follow this pattern :

    "message": "You don't have the permission to perform this action",
    "status": 403,
    "data": {

You will often find more details in the data object and when there are several errors on a bulk update, you will find the list of errors in the errors array.

Status Message
403 You don't have the permission to perform this action
404 webhook event(s) not found
webhook not found
409 A webhook with this url already exist
500 Internal server error
Click Try It! to start a request and see the response here!