Skip to main content

api

Webhooks

Receive signed HTTPS callbacks when OCR jobs complete or fail.

Setup

  1. Open Settings → Webhooks
  2. Add an HTTPS endpoint URL
  3. Copy the signing secret shown once (you can re-reveal later)
  4. Handle ocr.done and ocr.failed

Payload

{
  "eventType": "ocr.done",
  "taskId": "…",
  "userId": "…",
  "provider": "paddle-ai-studio",
  "status": "done",
  "pageCount": 2
}

Verification

  1. Read X-Webhook-Timestamp, X-Webhook-Nonce, X-Webhook-Signature
  2. Reject if timestamp is older than ~5 minutes
  3. Compute HMAC-SHA256 of `${timestamp}.${nonce}.${rawBody}` with your endpoint secret
  4. Compare to the signature (sha256=<hex>)

Failed deliveries are retried by a daily cron until marked dead.