Toast-Signature

As a security measure, all webhook messages contain a signature in the Toast-Signature HTTP header. A webhook endpoint uses the Toast-Signature header to confirm that a webhook update message is coming from a known, secure source. See Message signing for more details.

Toast-Event-Type

The type of event that has occurred, for example, a partner_added event for the partners webhook or a low_quantity event for the stock webhook.

Toast-Restaurant-External-ID

If the triggering event has occurred at a restaurant, the GUID of that restaurant is included in the Toast-Restaurant-External-ID HTTP header, for example, if the webhook update is for a low_quantity event, this header identifies the restaurant where the inventory quantity is low. This header is omitted if the triggering event has not occurred at a restaurant, for example, the header is omitted for the Partners webhook event types because those events are triggered by changes to a partner's status, not changes to a restaurant's status.

Toast-Event-Category

The event category, for example, partners or stock.

Accept-Encoding

gzip,deflate

Connection

close

Content-Length

The size of the message body, in bytes.

Content-Type

application/json

Host

The domain name and port of the server that is listening for webhook events. Generated from the partner URI that is specified when a webhook subscription is created.

User-Agent

Apache-HttpClient/4.5.10 (Java/1.8.0_212)