Skip to main content

Webhooks

General

Memida + Webhooks

Transfer events to other systems in real time.

Webhooks enable event-driven real-time communication between Memida and your applications over HTTP. Instead of polling for changes at intervals, Memida sends a POST request to your endpoint as soon as a relevant event occurs.

This allows custom integrations on your own infrastructure, as an alternative or complement to platforms such as Zapier and Make. Webhooks are an ideal complement to the REST API: API handles targeted data reads and writes, webhooks handle immediate reactions to events.

How it works

  1. Create a webhook subscription with target_url and event_type.
  2. Memida sends a signed HTTP request to your endpoint when the event occurs.
  3. Your system validates the signature and processes the payload.
  4. If required, fetch additional detail data via API.

Available event types

The following event types are currently available:

  • apparatus.created
  • apparatus.updated
  • inspection.created
  • inspection.updated

Create webhook

In the user area

Fig.:2 Webhook user view

By clicking "Create webhook" (1), you can add a new webhook to your company. After creation, the webhook signature is shown once. This is required for later authenticity verification in your system that implements the webhook standard. You can see whether your webhook is active via the status indicator on the left (2).

Via API

curl -X POST "https://api.memida.de/api/v1/webhooks/subscriptions" \
  -H "Auth: live YOUR_API_TOKEN" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
    "target_url": "https://example.com/webhooks/memida",
    "event_type": "apparatus.updated",
    "description": "ERP Sync",
    "is_active": true
  }'

Important properties:

  • Each subscription supports exactly one event_type.
  • target_url and event_type cannot be changed after creation.
  • The signing_secret is returned only once when created.

Headers and signature verification

Memida sends the following headers:

  • X-Memida-Id
  • X-Memida-Event
  • X-Memida-Timestamp
  • X-Memida-Signature (v1=<hmac>)

The signature is generated as follows:

HMAC-SHA256(secret, timestamp + '.' + rawJsonBody)

Recommendation for secure processing:

  • Verify every signature server-side.
  • Process events idempotently (deduplicate by event_id).
  • Respond quickly with 2xx and run heavy follow-up work asynchronously.

Trigger test webhook

To test your processing, you can start a test delivery. In the UI, open menu (3) > Send test, or use the API endpoint shown below.

curl -X POST "https://api.memida.de/api/v1/webhooks/subscriptions/<SUBSCRIPTION_ID>/test" \
  -H "Auth: live YOUR_API_TOKEN" \
  -H "Accept: application/json"

Further documentation