All Collections
Webhook integration guide
Webhook integration guide
Aleksandra Velkova avatar
Written by Aleksandra Velkova
Updated over a week ago


Use webhooks for your internal needs.

Lootly currently offers 1 webhook: sending the customer information to your endpoint url when a customer redeems points for a reward.

Follow this guide to set this up.

Enable Webhooks in Integrations

  1. Go to Integrations - > Overview

  2. Add Webhooks from the offered options.

  3. Enable Webhook connection

  4. Enable the Redeem reward webhook and enter the endpoint url to which you want Lootly to send the information once points are redeemed:

lootly integrations

5. Save your changes.

Request Authentication

All webhook requests will come with an hmac used for verifying the authenticity of the request. You can authenticate the requests by calculating your own local signature using your secret key, then checking if it matches the one in the webhook parameters.

Here’s a code sample:

$data = json_decode($response);

$hmacSent = $data->hmac;

unset($data->hmac); // remove hmac from data to check signature

$secretKey = "xxxxx";

$hmacLocal = base64_encode(hash_hmac('sha256', json_encode($data), $secretKey, true));

if($hmacSent == $hmacLocal){

echo "Authenticated!";


echo "NOT Authenticated";


Feel free to reach out to us in the chat if you have any questions or need any help with webhooks.

Did this answer your question?