Comment on page
Fractal ID uses
application/jsoncontent type to deliver the JSON payload directly as the body of the
Fractal ID expects your server to reply with response code
2xxto identify successful delivery. All response codes outside this range, including
3xxcodes, will indicate to Fractal ID that you did not receive the webhook.
Fractal ID will make sure to send notification successfully at least once to the client. There is a possibility of receiving the same successful webhook notification multiple times, but in very rare cases. This means you should likely want to ensure your endpoint is idempotent.
Fractal ID will retry to send webhooks notification if:
- Client server failed to respond in 10 seconds.
- Client server is unavailable (network errors).
- Client server returns other response code than
Fractal ID uses exponential backoff to retry events.
The order of callbacks to webhook endpoints is not guaranteed.
For, e.g., two subsequent status changes, if initial attempt to deliver first notification fails it's being scheduled for retry. Second notification may arrive earlier than the retry on the first notification happens.
To mitigate the risk of setting incorrect user status based on received webhook callbacks we encourage you to keep track of the
timestampfields of the status change notifications and compare them internally, or retrieve user information upon getting a webhook callback.
Suppose for the given example the secret token is
POST /callback HTTP/1.1