GolfGlobe365 GAMP
Endpoints

Webhooks

Webhooks

Register webhook endpoints to receive real-time notifications about booking events.

Register a Webhook

Code
 
POST /webhooks

Request Body

JSONCode
 
{
  "url": "https://api.youragency.example/webhooks/gg365",
  "events": ["booking.confirmed", "booking.cancelled", "booking.modified"],
  "description": "Production booking notifications"
}

Response

JSONCode
 
{
  "data": {
    "id": "wh_abc123",
    "url": "https://api.youragency.example/webhooks/gg365",
    "events": ["booking.confirmed", "booking.cancelled", "booking.modified"],
    "description": "Production booking notifications",
    "isActive": true,
    "createdAt": "2026-07-01T10:00:00Z"
  }
}

List Webhooks

Code
 
GET /webhooks

Returns all registered webhooks for the authenticated agency.

Update a Webhook

Code
 
PUT /webhooks/{id}

Updates webhook URL, events, or description.

Delete a Webhook

Code
 
DELETE /webhooks/{id}

Removes a registered webhook endpoint.

View Delivery Logs

Code
 
GET /webhooks/{id}/logs

Returns delivery logs for a specific webhook, including success/failure status and response codes.

Webhook Events

Event TypeDescription
booking.confirmedBooking confirmed by the golf course
booking.cancelledBooking has been cancelled
booking.modifiedBooking details have been modified
refund.processedRefund has been processed

Webhook Payload

JSONCode
 
{
  "type": "booking.confirmed",
  "data": {
    "bookingId": "bk_abc123",
    "bookingReference": "GG365-2026-12345",
    "courseId": "abc123def456",
    "date": "2026-07-15",
    "teeTime": "08:30",
    "status": "confirmed"
  },
  "timestamp": "2026-07-15T08:00:00Z"
}

Signature Verification

Webhook payloads include an X-GG-Signature header containing an HMAC-SHA256 signature. Verify this signature using your webhook secret to ensure the payload is authentic.

JavascriptCode
 
const crypto = require('crypto');

function verifySignature(payload, signature, secret) {
  const hmac = crypto.createHmac('sha256', secret);
  const digest = hmac.update(payload).digest('hex');
  return crypto.timingSafeEqual(Buffer.from(digest), Buffer.from(signature));
}

Always verify webhook signatures before processing events. Respond with 200 OK promptly to acknowledge receipt.

Last modified on
Group Bookings