Skip to main content

Webhooks

Webhooks notify clients about supported API events.

Supported event types:

  • ticket.created
  • rep.assigned
  • job.scheduled
  • schedule.updated
  • job.dispatched
  • job.completed
  • deliverables.transmitted

Webhook deliveries are signed with HMAC-SHA256 and use at-least-once delivery. Clients should verify the signature, deduplicate by event ID, and respond with a 2xx status code when the event is accepted.

Common delivery headers:

  • x-ssn-event-id
  • x-ssn-event-type
  • x-ssn-delivery-id
  • x-ssn-attempt
  • x-ssn-signature
  • x-ssn-signature-alg: hmac-sha256

All site-visit lifecycle events use the same event envelope:

{
  "id": "evt_...",
  "type": "ticket.created",
  "occurredAt": "2026-04-03T16:19:30.074Z",
  "resourceType": "site-visits",
  "resourceId": "visit_...",
  "payloadVersion": "2026-03-24",
  "data": {
    "clientTicketNumber": "CLIENT-TKT-1001",
    "clientSiteId": "STORE-100",
    "status": "New"
  }
}

Event-specific behavior:

  • ticket.created: emitted when a site visit is created.
  • job.scheduled: a schedule date and optional ETA time have been entered on the site visit.
  • rep.assigned: a field rep assignment state changed on the ticket. The payload includes fieldRepName only; it does not include rep email, phone, or internal app ID. If the rep is cleared, fieldRepName is returned as Awaiting reassignment.
  • schedule.updated: an already entered schedule date or ETA time changed before dispatch.
  • job.dispatched: the job is locked in and the ticket has been dispatched to the field rep.
  • job.completed: the site-visit status is completed after SSN QA has passed the visit.
  • deliverables.transmitted: field-rep deliverables and notes have been transmitted to the client endpoint.

Lifecycle events that originate from SSN operations in Quickbase are gated by the client's SSN API Enabled setting. If a client is not API-enabled, SSN does not publish these lifecycle webhooks for that client's site visits.

ticket.created can originate from either the client API or SSN workflows when a ticket is created outside the API. SSN deduplicates those internal publishing paths so a single created site visit should not produce duplicate ticket.created deliveries. If a ticket is created outside the API, SSN registers an API visit_... ID for that Quickbase record before publishing the webhook.