# Webhook

Webhook sync survey responses data to the custom URL that is provided by you on our dashboard. We support two webhook events currently:

* on completion of a response to a survey.
* on submit of an answer by a user

### Setting up the Webhook integration

* Navigate to Connections Tab > **Webhook** in Blitzllama Dashboard. Click on the **Webhook** section.
* Enter **Webhook URL** and **Webhook secret** in the Webhook Section. We recommend using `https` your webhook URL because it is more secure.
* Click on the **save** button to save webhook details.

{% hint style="info" %}
**group\_id** - every micro survey instance is uniquely identified as <mark style="color:blue;">group\_id.</mark> This identifier can help to identify the group of users' responses to a specific survey instance.&#x20;

**response** - contains the user's response data. The data for all questions except multi-choice is a string. The multi-select question response is an array.

**trigger** - the trigger event that requested the survey.

**event\_type** - used to determine the type of webhook event being sent.

**created\_at** - refers to the timestamp of the user's response in the <mark style="color:blue;">ISO 8601</mark> date and time format.
{% endhint %}

### on completion of a response to a survey.

The webhook payload data contains the response data grouped at a user level. A sample payload is below.

```javascript
{
  "user_id":"user_123",
  "app_key":"blitzllama_api_key",
  "survey_id":"s-xxxxxx-id",
  "survey_name":"Continuous NPS survey",
  "group_id":"g-xxxxxx-id",
  "platform":"link",
  "trigger":"",
  "event_type":"response_group",
  "responses":[
    {
      "question_id":"q-xxxxxx-id",
      "question_order":1,
      "response":"image upload glitches",
      "question_text":"What do you think of our app?",
      "question_type":"input_feedback",
      "created_at":"2022-06-07T22:01:07.000Z"
    },
    {
    "question_id":"q-xxxxxx-id",
    "question_order":2,
    "response":["image upload", "crash issues"],
    "question_text":"Select the issues you are facing",
    "question_type":"multi_select_feedback",
    "created_at":"2022-06-07T22:01:09.000Z"
    }, ...]
  }  

```

### on submit of an answer by a user

The webhook payload contains the answer data that is sent on submission of an answer by a user. A sample payload is below.

```json
{
    "user_id":"user_123",
    "app_key":"blitzllama_api_key",
    "survey_id":"s-xxxxxx-id",
    "group_id":"g-xxxxxx-id",
    "question_id":"q-xxxxxx-id",
    "platform":"android",
    "trigger":"home-page-trigger",
    "question_order":1,
    "response":"image upload glitches",
    "question_text":"What do you think of our app?",
    "question_type":"input_feedback",
    "created_at":"2022-05-13T13:40:33+00:00"
}
```

This webhook is selectively enabled for a few clients.&#x20;

### Validate webhook (optional)

Webhook request header **x-webhook-signature** has the hmac signature to validat&#x65;**.**  Please store **webhook\_secret** in environment variables.&#x20;

```javascript
import crypto from 'crypto';

const key = webhook_secret;  //process.env.BLITZ_WEBHOOK_SECRET
const message = webhook_body //request body req.body
const received_signature = webhook_signature  //req.headers["x-webhook-signature"]
const expected_signature = crypto.createHmac('sha256', WEBHOOK_SECRET)
                                .update(JSON.stringify(webhook_payload))
                                .digest('hex');

if expected_signature != received_signature    
    throw SecurityError
end
```