Uniqode now supports webhook integrations to send real-time data to another application when a specific event occurs. View current supported events
Prerequisites
Uniqode Pro plan or above with admin privileges
Creating a new webhook
Click on Webhooks under Developer on the left-side menu
Click the "Add" button to create a new webhook
Provide the following details:
Webhook URL: The endpoint where you want to receive event data.
Trigger Events: Select one or more events that will trigger the webhook.
Currently supported events:
QR Code Created
QR Code Viewed
QR Code Updated
QR Code Deleted
DBC Lead Created
Form Response Submitted
Viewing your webhooks activity
Once a webhook is created:
Go to the Webhooks page under the Developer section to view a list of all configured webhooks.
For each webhook, you can see:
URL: The configured end point where you want to receive the data
Event Type: All the events that trigger the webhooks
Error Rate: Percentage of errors occurring while triggering the events.
This calculates the error rate for the past 7 days. If the webhook is newer, it uses all available data. If there are no events, it shows "N/A."Status: Displays whether the webhook is Active or Inactive
Viewing your event records
Click on the webhook URL you want to view the event history for
Click on any item from the EVENT TYPE list to view its details
For each event record:
You can see detailed event data, including request and response information.
You can retrigger the event manually any number of times by clicking on Resend. You cannot take this action if the webhook is Inactive.
Events can be filtered by status:
All – Shows all events regardless of their status
Success – Event was delivered successfully
Failed – Event delivery failed, even after multiple attempts
Processing – Event is still retrying and hasn’t been marked as failed yet
Understanding webhook event status
Success
This means your event was sent and acknowledged successfully by the target URL (your webhook endpoint). No further action is needed.
Failed
An event is marked as Failed when:
You manually trigger a Resend but it fails
The system automatically retries the event (using exponential backoff) for up to 3 days, but all attempts fail
After this period, the system stops retrying and marks the event as Failed.
Processing
This means the event is currently being retried. The webhook delivery failed initially, but our system is still trying to deliver it.
We use exponential backoff—this means the time between retries increases gradually to avoid overloading your servers.
When you click on the event, you'll also see:
Next Retry Time – The scheduled time for the next attempt to trigger the event.
Attempt Count – The number of times we've tried to send the event. Each event is retried up to 10 times.
After 3 days of retries, the event moves to the Failed state.
Note: Events are listed in descending order, with the most recent at the top and older ones below.
Editing a webhook
To update the webhook’s endpoint or trigger settings, click on Edit on the top right corner in the webhook detail view.
Note: If the webhook endpoint is updated, all past events (including retries) will be sent to the new endpoint—not the original one.
Enabling or disabling a webhook
Users can enable or disable a webhook by toggling the Active setting in the webhook edit dashboard. When disabled, the webhook won't receive any events.
This helps control and limit the number of triggers sent to their platform.
Active status
Inactive status
Note: If a webhook has a 100% error rate over the past 7 days (i.e., all events failed), it will be automatically disabled. An email notification will be sent to the webhook creator and the account owner informing them of the same.
Verifying a webhook signature
When we send a webhook request, we include two custom headers:
X-Beaconstac-Webhook-Signature
X-Uniqode-Webhook-Signature
Note: Both headers contain the same HMAC signature value.
This signature is used to validate the authenticity of the webhook request. It is generated using:
A timestamp
The event payload
The webhook shared secret assigned to your integration
The HMAC is calculated as follows:
HMAC_SHA256(timestamp + payload, shared_secret) Format would be "t={timestamp},s={hex_hmac_obj}"
To verify the webhook:
Extract the timestamp and payload from the request.
Recompute the HMAC using your shared secret. You can find the shared secret in the webhook edit dashboard by clicking on Reveal for the respective webhook
Signing secret with reveal button
Exposed signing secretCompare it to the signature in the headers.
Please process the webhook events within 30 minutes of their trigger to ensure data integrity. Verifying the webhook signature confirms that the webhook came from us and the data hasn’t been altered.