How to Configure a Webhook
The subscription method means that you can decide which webhooks are active - you do not receive data from the ones you are not interested in.
You can subscribe to the webhook in two ways.
One way is to use the admin panel, which will allow you to configure webhooks using a graphical interface, and the second is to use the endpoint.
To get to Webhooks in the admin panel head to Webhooks
Webhook name - Webhook name in the system
Active from - Date of webhook activation
Legacy - Information is webhook is working in the Legacy mode
URL - Address to which the webhook is sent
To make it easier to search for a specific webhook, you can use filtering based on the headers or use a search table in the upper right corner:
Adding a new webhook subscription
To add a new webhook subscription:
log in to the app as an Administrator
Go to Webhooks
Click the ADD NEW WEBHOOK button
Fill in the required fields
Click ADD WEBHOOK
From the dropdown list choose the webhook you'd like to subscribe to. Enter the address to which the webhooks will be sent. In addition, you can add multiple headers to the webhook however, it is not required by the system.
After saving, when the correct event is executed, the webhook will be sent to the previously entered address.
You can also subscribe to the webhook by using the endpoint:
/api/{storeCode}/webhook/subscriptionIf sorting is not chosen, the rows will be returned in an unspecified order.
To sort a result, use an _orderBy parameter in query.
Open Loyalty has the JWT authorization. To learn what a JSON Web Token is and how it works, check out Introduction to JSON Web Tokens https://jwt.io/introduction/
Obtain an access token
Send a request with the parameters username and password
Definition
POST /api/admin/login_check Go to definition
POST /api/{storeCode}/member/login_check Go to definition
Example
curl {HOST}/api/admin/login_check
-H 'Content-Type: application/json;charset=UTF-8'
-H 'Accept: application/json, text/plain, */*'
--data-binary '{"username":"admin","password":"password"}'
Example Response
{
"token":"eyJhbGciOiJSUzI1NiIsInR5cCI6...",
"refresh_token":"0558f8bb29948c4e54c443f..."
}
Using JSON Web Token
Add authorization header to each request
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6...
You can now access any API method you want under the /api prefix.
Example
curl {HOST}/api/{storeCode}/analytics/members
-H 'Accept: application/json'
-H 'Content-type: application/x-www-form-urlencoded'
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6...'
Refresh JSON Web Token
You can refresh token using refresh_token that was given during login.
There are two endpoints
To refresh admin token POST /api/token/refresh Go to definition
To refresh member token POST /api/{storeCode}/token/refresh Go to definition
Store code
List of webhook subscriptions
Forbidden.
GET /api/{storeCode}/webhook/subscription HTTP/1.1
Host: openloyalty.localhost
Authorization: YOUR_API_KEY
Accept: */*
{
"items": [
{
"webhookSubscriptionId": "text",
"eventName": "text",
"url": "text",
"legacy": true,
"createdAt": "2025-11-26T06:53:25.150Z"
}
],
"total": {
"all": 1,
"filtered": 1
}
}Open Loyalty has the JWT authorization. To learn what a JSON Web Token is and how it works, check out Introduction to JSON Web Tokens https://jwt.io/introduction/
Obtain an access token
Send a request with the parameters username and password
Definition
POST /api/admin/login_check Go to definition
POST /api/{storeCode}/member/login_check Go to definition
Example
curl {HOST}/api/admin/login_check
-H 'Content-Type: application/json;charset=UTF-8'
-H 'Accept: application/json, text/plain, */*'
--data-binary '{"username":"admin","password":"password"}'
Example Response
{
"token":"eyJhbGciOiJSUzI1NiIsInR5cCI6...",
"refresh_token":"0558f8bb29948c4e54c443f..."
}
Using JSON Web Token
Add authorization header to each request
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6...
You can now access any API method you want under the /api prefix.
Example
curl {HOST}/api/{storeCode}/analytics/members
-H 'Accept: application/json'
-H 'Content-type: application/x-www-form-urlencoded'
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6...'
Refresh JSON Web Token
You can refresh token using refresh_token that was given during login.
There are two endpoints
To refresh admin token POST /api/token/refresh Go to definition
To refresh member token POST /api/{storeCode}/token/refresh Go to definition
Store code
Return created webhook subscription ID.
Bad request.
Forbidden.
POST /api/{storeCode}/webhook/subscription HTTP/1.1
Host: openloyalty.localhost
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 112
{
"webhookSubscription": {
"eventName": "text",
"url": "text",
"headers": [
{
"headerName": "text",
"headerValue": "text"
}
]
}
}{
"webhookSubscriptionId": "00000000-0000-0000-0000-000000000000"
}In the body request, put the name of the webhook in eventName and the address of the service you want the data to be sent to in the URL
Webhook body example
Webhook 'account.available_points_amount_changed' automatically informs whenever the number of available points in a user's account changes. The update information is presented in the form of a body containing the following information.
{
"eventName": "string",
"storeCode": "string",
"createdAt": "2019-08-24T14:15:22Z",
"data": {
"customer": {},
"accountId": "string",
"amount": null,
"amountChange": null,
"amountChangeType": "string",
"wallet": {}
}
Webhook can be used as a trigger to execute an action on the user side of the application.
Last updated
Was this helpful?