Quick Guide to Implementing Webhooks in Trustpilot

Introduction

Hey there, fellow Javascript devs! Ready to supercharge your Trustpilot integration? Webhooks are your secret weapon for building responsive, user-facing applications that react in real-time to Trustpilot events. Let's dive in and get those webhooks up and running!

Prerequisites

Before we jump into the code, make sure you've got:

• Your Trustpilot API credentials handy
• A Node.js environment ready to roll

Got those? Great! Let's get coding.

Setting Up Webhook Endpoints

First things first, we need a server to receive those juicy webhook events. Express.js is perfect for this:

const express = require('express');
const app = express();
app.use(express.json());

app.post('/webhook', (req, res) => {
  // We'll handle the webhook payload here
  console.log('Received webhook:', req.body);
  res.sendStatus(200);
});

app.listen(3000, () => console.log('Webhook server running on port 3000'));

Simple, right? This sets up a basic endpoint at /webhook that'll log incoming events and send a 200 OK response.

Registering Webhooks with Trustpilot API

Now, let's tell Trustpilot where to send those events. We'll use the Trustpilot API to register our webhook:

const axios = require('axios');

async function registerWebhook() {
  const token = 'YOUR_ACCESS_TOKEN';
  const webhookUrl = 'https://your-server.com/webhook';

  try {
    const response = await axios.post('https://api.trustpilot.com/v1/private/webhooks', {
      url: webhookUrl,
      events: ['review.created', 'review.replied']
    }, {
      headers: { 'Authorization': `Bearer ${token}` }
    });
    console.log('Webhook registered:', response.data);
  } catch (error) {
    console.error('Error registering webhook:', error.response.data);
  }
}

registerWebhook();

Don't forget to replace 'YOUR_ACCESS_TOKEN' and 'https://your-server.com/webhook' with your actual values!

Handling Webhook Events

When those events start rolling in, you'll want to verify they're legit and process them accordingly:

const crypto = require('crypto');

app.post('/webhook', (req, res) => {
  const signature = req.headers['x-trustpilot-signature'];
  const payload = JSON.stringify(req.body);
  const secret = 'YOUR_WEBHOOK_SECRET';

  const expectedSignature = crypto
    .createHmac('sha256', secret)
    .update(payload)
    .digest('hex');

  if (signature === expectedSignature) {
    const { event, data } = req.body;
    switch (event) {
      case 'review.created':
        handleNewReview(data);
        break;
      case 'review.replied':
        handleReviewReply(data);
        break;
      // Add more cases as needed
    }
    res.sendStatus(200);
  } else {
    res.sendStatus(401);
  }
});

function handleNewReview(data) {
  console.log('New review:', data);
  // Your logic here
}

function handleReviewReply(data) {
  console.log('Review reply:', data);
  // Your logic here
}

Best Practices

• Always verify webhook signatures to ensure the requests are coming from Trustpilot.
• Implement proper error handling and logging.
• Consider using a queue system for processing webhooks if you expect high volumes.
• Set up retry mechanisms for failed webhook deliveries.

Testing Webhooks

Trustpilot provides tools to test your webhook implementation. You can also use tools like ngrok to expose your local server for testing.

Common Use Cases

• Send real-time notifications to your team when new reviews come in.
• Automatically thank customers for positive reviews.
• Update your internal dashboard with the latest review statistics.

Conclusion

And there you have it! You're now equipped to implement Trustpilot webhooks like a pro. Remember, webhooks are powerful tools that can significantly enhance your user-facing integrations. Don't be afraid to experiment and find creative ways to leverage this real-time data in your applications.

Happy coding, and may your webhooks always deliver!

Code Appendix

Here's a full example putting it all together:

const express = require('express');
const axios = require('axios');
const crypto = require('crypto');

const app = express();
app.use(express.json());

const TRUSTPILOT_API_TOKEN = 'YOUR_ACCESS_TOKEN';
const WEBHOOK_SECRET = 'YOUR_WEBHOOK_SECRET';

async function registerWebhook() {
  const webhookUrl = 'https://your-server.com/webhook';

  try {
    const response = await axios.post('https://api.trustpilot.com/v1/private/webhooks', {
      url: webhookUrl,
      events: ['review.created', 'review.replied']
    }, {
      headers: { 'Authorization': `Bearer ${TRUSTPILOT_API_TOKEN}` }
    });
    console.log('Webhook registered:', response.data);
  } catch (error) {
    console.error('Error registering webhook:', error.response.data);
  }
}

app.post('/webhook', (req, res) => {
  const signature = req.headers['x-trustpilot-signature'];
  const payload = JSON.stringify(req.body);

  const expectedSignature = crypto
    .createHmac('sha256', WEBHOOK_SECRET)
    .update(payload)
    .digest('hex');

  if (signature === expectedSignature) {
    const { event, data } = req.body;
    switch (event) {
      case 'review.created':
        handleNewReview(data);
        break;
      case 'review.replied':
        handleReviewReply(data);
        break;
    }
    res.sendStatus(200);
  } else {
    res.sendStatus(401);
  }
});

function handleNewReview(data) {
  console.log('New review:', data);
  // Your logic here
}

function handleReviewReply(data) {
  console.log('Review reply:', data);
  // Your logic here
}

app.listen(3000, () => {
  console.log('Webhook server running on port 3000');
  registerWebhook();
});

Remember to replace 'YOUR_ACCESS_TOKEN', 'YOUR_WEBHOOK_SECRET', and 'https://your-server.com/webhook' with your actual values. Now go forth and webhook like a champion!