Sprusify

Webhooks & API

Sprusify provides webhook events and a REST-style API to integrate referral data into other systems. This document explains common events, verification, and sample flows.

Primary webhook events

  • click.created: emitted when a visitor follows an affiliate link.
  • conversion.created: when an order is attributed to an affiliate.
  • payout.sent: when a payout is processed (automated or manual).
  • dispute.updated: when a dispute status changes.

Security & verification

  • Webhook payloads include a signature header; verify it using the WEBHOOK_SECRET to trust payloads.
  • Use idempotency to ensure repeated deliveries do not duplicate records.

API usage patterns

  • Pull reports: query conversions, clicks, and payouts for a date range for BI integration.
  • Push mapping data: upload discount_code -> affiliate_id mappings or campaign config via API.

Example integration flows

  • Analytics sync: subscribe to conversion.created, transform payload to your BI schema, and store in a data warehouse.
  • Payout automation: listen for payout.sent to notify external accounting systems and reconcile bank transfers.

Developer notes

  • Respect rate limits on APIs; implement exponential backoff.
  • Provide webhook retry logs in admin UI to simplify debugging.

If you need a custom event or a higher-throughput integration, contact support for an enterprise integration plan.

  • All webhook payloads include X-Spru-Signature (HMAC-SHA256) using your app secret - always verify before processing.

Retry & idempotency

  • Sprusify will retry failed deliveries with exponential backoff. Build idempotent handlers using the order ID.

Sample webhook payload (order.created)

{ “id”: “12345”, “store_id”: “store_abc”, “total”: 99.95, “affiliate_id”: “aff_678”, “coupons”: [“AFF10”] }

Using the API

  • Authentication: Bearer tokens with rotating keys in Admin > API keys.
  • Rate limits: keep requests below 5 RPS; use bulk endpoints for exports.

Troubleshooting

  • If webhooks fail, check your endpoint’s TLS certificate and that your endpoint returns HTTP 200 quickly (within 10s).