# Webhook Actions and Payloads

### Headers

`HTTP POST` payloads that are delivered to your webhook's configured URL endpoint will contain these special headers:

* `x-icr-signature-256` This header is sent if the webhook is configured with a `secret`. This is the HMAC hex digest of the `signedData` key included in the request payload body, and is generated using the SHA-256 hash function and the `secret` as the HMAC `key`. For more information, see "[Validating webhook deliveries](/documentation/carbonregistry.com/api/apps/creating-icr-apps/registering-an-icr-app/webhooks/validate-deliveries.md)."

### Events

The following are supported events. We will be adding more events after discussions with our app / marketplace developer partners.

* `installed`&#x20;
* `uninstalled`&#x20;
* `suspended`&#x20;
* `unsuspended`&#x20;
* `newPermissionsAccepted`&#x20;
* `warehouseTransaction`
* `organizationTransaction`

All of the above events have the same payload with differing value for the "event" key.

Payload example:

```typescript
{
  event: "installed",
  transaction: {
    id: "txUUID",
    createdAt: "2022-03-14T11:01:55.941Z",
    updatedAt: "2022-03-14T11:01:55.941Z",
    status: "processed" | "failed" | "pending_queue",
    type: "transfer" | "transfer_retire" | "retire", // credit action
    amount: 1,
    creditId: "idOfCredit"
  } | undefined,
  installation: {
    id: "123",
    createdAt: "2022-03-14T11:01:55.941Z",
    updatedAt: "2022-03-14T11:01:55.941Z",
    organization: {
      id: "org1",
      name: "Organization 1",
      url: "https://api.carbonregistry.com/organizations/org1",
    },
    permissions: {
      organization_info: "VIEW",
      organization_inventory: "REQUEST"
    },
    appNameId: "app1",
    appId: "1",
    accessTokensUrl: "https://api.carbonregistry.com/app/installations/123/accessTokens",
  },
  sender: {
    email: "user@example.com",
    fullName: "John Doe",
    id: "user1",
    profilePicture: "https://example.com/profiles/user1.jpg",
  } | undefined,
  signedData: "eyJldmVudCI6Imluc3RhbGxlZCIsInN0YXRlIjoiIiwiaW5zdGFsbGF0aW9uIjp7ImlkIjoiMTIzIiwiY3JlYXRlZEF0IjoiMjAyMi0wMy0xNFQxMTowMTo1NS45NDFaIiwidXBkYXRlZEF0IjoiMjAyMi0wMy0xNFQxMTowMTo1NS45NDFaIiwib3JnYW5pemF0aW9uIjp7ImlkIjoib3JnMSIsIm5hbWUiOiJPcmdhbml6YXRpb24gMSIsInVybCI6Imh0dHBzOi8vYXBpLmNhcmJvbnJlZ2lzdHJ5LmNvbS9vcmdhbml6YXRpb25zL29yZzEifSwicGVybWlzc2lvbnMiOnsib3JnYW5pemF0aW9uX2luZm8iOiJWSUVXIiwib3JnYW5pemF0aW9uX2ludmVudG9yeSI6IlJFUVVFU1QifSwiYXBwTmFtZUlkIjoiYXBwMSIsImFwcElkIjoiMSIsImFjY2Vzc1Rva2Vuc1VybCI6Imh0dHBzOi8vYXBpLmNhcmJvbnJlZ2lzdHJ5LmNvbS9hcHAvaW5zdGFsbGF0aW9ucy8xMjMvYWNjZXNzVG9rZW5zIn0sInNlbmRlciI6eyJlbWFpbCI6InVzZXJAZXhhbXBsZS5jb20iLCJmdWxsTmFtZSI6IkpvaG4gRG9lIiwiaWQiOiJ1c2VyMSIsInByb2ZpbGVQaWN0dXJlIjoiaHR0cHM6Ly9leGFtcGxlLmNvbS9wcm9maWxlcy91c2VyMS5qcGcifX0="
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://documentation.carbonregistry.com/documentation/carbonregistry.com/api/apps/creating-icr-apps/registering-an-icr-app/webhooks/webhook-actions-and-payloads.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.