Flip Energy API
  1. Webhooks
Flip Energy API
  • Overview
  • Important concepts
  • Authentication
  • Enrollment process
  • End-user app design
  • Monitoring / Telemetry
  • Control
  • Mobile App API
    • Devices
      • Create Device
      • Read Devices
      • Read Device
      • Update Device
      • Delete Device
    • Enrollments
      • Create Enrollment
      • Read Enrollments
      • Read Enrollment
      • Delete Enrollment
    • Events
      • Read Events
      • Read Event
      • Update Event Participation
    • Programs
      • Read Programs
      • Read Program
    • Sites
      • Read Site
      • Update Site
  • Cloud API
    • Sites
      • Get Site Token
      • Get Sites
    • Commissioning
      • Commission Site And Devices
    • Sessions
      • Sessions
    • Commands
      • Command Created
      • Update Command Status
    • Programs
      • Read Programs
    • Telemetry
      • Report Battery Telemetry
    • Webhooks
      • Overview
      • List of events
      • Webhook headers
      • Schemas
        • Command
        • Enrollment
        • Event
  1. Webhooks

Webhook headers

Webhook-Id#

The Webhook-Id header allows you to build an idempotent implementation if you wish to, in case the same webhook is sent more than once.

Webhook-Signature#

The Webhook-Signature allows you to verify that the webhook is legitimate and comes from Flip's servers. In order to compute the signature, you will need to receive a signing key from Flip (please ask if you don't have it).
We follow the implementation recommended by the "standard-webhooks" standard. For more information, please check out their docs.
Here's an implementation in TypeScript:
Where:
body is the body of the webhook request
eventTimestamp is the timestamp attribute in the webhook request body (not the value of the Webhook-Timestamp header)
id is the value of the Webhook-Id header
signature is the value of the Webhook-Signature header
signingKey is the secret signing key provided by Flip

Webhook-Timestamp#

The Webhook-Timestamp header represents the UNIX time in seconds when the webhook was created. Use it to prevent replay attacks. The value should be within 10 minutes of the current time.
Modified at 2025-03-24 18:58:50
Previous
List of events
Next
Command
Built with