https://api.easy-transfers.ch · auth X-Api-KeyWebhooks let your system react in real time to events in the EasyTransfer Transport® platform. When a subscribed event occurs, we send an HTTP POST with a JSON body to your endpoint, signed with HMAC-SHA256.
| Event | When it fires |
|---|---|
| Booking lifecycle | |
booking.created | A booking is created for your account |
booking.confirmed | Booking is confirmed |
booking.amended | Booking details are changed |
booking.cancelled | Booking cancelled |
booking.completed | Transfer completed |
booking.no_show | No-show recorded (still billable) |
booking.flight_updated | Tracked flight changed status (delayed, landed, diverted) |
booking.driver_assigned | A chauffeur was assigned to the booking |
booking.driver_reassigned | A different chauffeur replaced the assigned one |
booking.sla_warning | Legal waiting period at pickup elapsed; a no-show may follow |
| Chauffeur lifecycle | |
booking.driver_accepted | Chauffeur accepted the job |
booking.driver_started | Chauffeur started the run |
booking.driver_en_route | Chauffeur en route to pickup |
booking.driver_arrived | Chauffeur arrived at pickup |
booking.photos_added | Chauffeur added pickup photos |
booking.passenger_onboard | Passenger on board, transfer underway |
| Billing | |
invoice.created | Incoming invoice issued to you (NET terms) |
invoice.paid | An invoice is marked paid (includes Stripe payments) |
booking.documents_ready | Invoice, booking and GPS-evidence PDFs are ready; payload carries each URL (fetch with your API key) |
| Notifications | |
booking.sms_delivered | The tracking SMS reached the recipient (Twilio confirmed delivery) |
booking.sms_failed | The tracking SMS failed or was undelivered; payload carries the error code |
Subscribe with exact names or wildcards, e.g. booking.*,invoice.* or all.
booking.* payload automatically includes a live tracking_link (https://drivers.easy-transfers.ch/livetracking?t=...) whenever a tracking token exists, so you can show your customer real-time vehicle tracking.Each delivery is a POST with Content-Type: application/json and:
| Header | Value |
|---|---|
X-ET-Event | The event name, e.g. booking.completed |
X-ET-Signature | HMAC-SHA256 of the raw request body, keyed with your secret (hex) |
X-ET-Retry | Present on retries; the attempt number |
{
"event": "booking.completed",
"data": {
"ref": "ET-000352",
"status": "COMPLETED",
"client": "Samantha Aeschbach",
"price": 90.02
},
"timestamp": "2026-06-30T16:33:00+02:00"
}
Compute HMAC-SHA256 over the raw body with your secret and compare (constant-time) to X-ET-Signature.
# PHP
$expected = hash_hmac('sha256', $rawBody, $yourSecret);
if (!hash_equals($expected, $_SERVER['HTTP_X_ET_SIGNATURE'] ?? '')) { http_response_code(401); exit; }
# Node
const exp = crypto.createHmac('sha256', secret).update(rawBody).digest('hex');
if (!crypto.timingSafeEqual(Buffer.from(exp), Buffer.from(req.header('X-ET-Signature')||''))) return res.sendStatus(401);
| Item | Behaviour |
|---|---|
| Success | Respond 2xx within the timeout |
| Timeout | 5s on first delivery, 8s on retries |
| Retries | Exponential backoff: 2, 4, 8, 16, 32 min · up to 6 attempts |
| Auto-disable | After 10 consecutive failures the subscription is paused |
| Delivery log | Every attempt is recorded (event, URL, HTTP code, attempts, response) |
data.ref + event).| Endpoint | Purpose |
|---|---|
partner.webhook.config | POST to save URL + events + secret · GET to read current config |
partner.webhook.test | Sends a signed test POST to your configured URL · returns the HTTP code |
partner.webhook.deliveries | Recent delivery log for your account |
curl -X POST "https://api.easy-transfers.ch/?action=partner.webhook.config" \
-H "X-Api-Key: etk_partner_..." -H "Content-Type: application/json" \
-d '{"url":"https://your-domain.com/webhook","events":["booking.created","invoice.paid"]}'
This is v1. New event types and additional fields may be added; your handler must ignore unknown fields/events. Breaking changes would ship as v2.