Guides

Creating a webhook subscription

Subscribe to event notifications about customer events on AngelList

Suggest Edits

Overview

AngelList notifies your API of certain transaction events via a webhook. These notifications come as JSON data.

The signature of the webhook payload is below:

{
  id: uuid
  type: string
  timestamp: datetime
  metadata: {
    sourceStateKey: string
    targetStateKey: string
    triggerEventKey: string
  }
  transaction: {
    id: uuid
    createdAt: datetime
    senderEntityId: uuid
    senderOrganizationId: uuid
    senderOrganization: {
      handle: string
    }
    transactionRecipients: [
      {
        id: string
        noticeName: string
        noticeEmail: string
        entity: {
        	id: uuid
        	name: string
        	email: string
        	type: string
      	}
      }
    ]
  }
}

Getting started

1. Register your notification URL with AngelList

To begin receiving notifications from AngelList about transaction events, you will need to configure your notification URL.

Please submit a request to the AngelList team with the following information:

  1. The webhook notification URL to the AngelList team.
  2. Your organization handle
  3. For which environment you need the key (staging or production)
  4. The email(s) of the users at your organization who will retrieve the key

Upon receipt of the information above

2. Retrieve the HMAC key

The AngelList team will create the HMAC key and then share the key with you via a secure link that is only available to the email(s) you provided. The link will expire within one hour.

The HMAC key should have the prefix sk_test_hmac if you are using the staging environment or sk_live_hmac if you are using the production environment.

Note, you cannot use the staging key for the production environment. If you want to enable integration with the production environment, please send a separate request for a different key.

Authenticate webhook calls

AngelList's webhook implementation uses HMAC as an authentication method. When AngelList calls your webhook endpoint, it will send a hash in the request header X-AngelList-Signature. This hash is created by hashing the request body with your HMAC key.

To authenticate the webhook call, your webhook endpoint implementation needs to hash the request body with your HMAC key and compare the result with X-AngelList-Signature before processing the response body.

Updated about 1 year ago