exactly · nfmelendez · Aug 1, 2025 · Jan 30, 2026 · Mar 12, 2026 · Aug 13, 2025
@@ -0,0 +1,6 @@
+---
+"@exactly/server": patch
+"@exactly/docs": patch
+---
+
+🐛 fix update card webhook schema
@@ -0,0 +1,5 @@
+---
+"@exactly/server": patch
+---
+
+🐛 fix webhook logging for text response
@@ -0,0 +1,5 @@
+---
+"@exactly/server": patch
+---
+
+🐛 fix webhook retries
@@ -0,0 +1,5 @@
+---
+"@exactly/server": patch
+---
+
+🐛 fix user webhook routing
@@ -0,0 +1,5 @@
+---
+"@exactly/server": patch
+---
+
+✨ add webhook api
@@ -0,0 +1,5 @@
+---
+"@exactly/server": patch
+---
+
+✨ add transaction receipt to webhook
@@ -0,0 +1,5 @@
+---
+"@exactly/server": patch
+---
+
+✨ forward exchange rate to webhooks
@@ -0,0 +1,5 @@
+---
+"@exactly/server": patch
+---
+
+✨ forward webhooks to source
@@ -77,6 +77,7 @@
     "hdpi",
     "hexlify",
     "hideable",
+    "hmac",
     "hono",
     "IBMPlexMono-Medm",
     "IERC",

@@ -15,7 +15,10 @@ export default defineConfig({
           { base: "api", schema: "node_modules/@exactly/server/generated/openapi.json", sidebar: { collapsed: false } },
         ]),
       ],
-      sidebar: [{ label: "Docs", items: ["index", "organization-authentication"] }, ...openAPISidebarGroups],
+      sidebar: [
+        { label: "Docs", items: ["index", "organization-authentication", "webhooks"] },
+        ...openAPISidebarGroups,
+      ],
     }),
     mermaid(),
   ],

@@ -141,3 +141,81 @@ authClient.siwe
     console.error("nonce error", error);
   });
   ```
+
+## Creating a webhook with the authenticated header
+
+  ```typescript
+import { createAuthClient } from "better-auth/client";
+import { siweClient, organizationClient } from "better-auth/client/plugins";
+import { mnemonicToAccount } from "viem/accounts";
+import { optimismSepolia } from "viem/chains";
+import { createSiweMessage } from "viem/siwe";
+
+const chainId = optimismSepolia.id;
+const baseURL = "http://localhost:3000";
+const authClient = createAuthClient({
+  baseURL,
+  plugins: [siweClient(), organizationClient()],
+});
+
+const owner = mnemonicToAccount("test test test test test test test test test test test test");
+
+authClient.siwe
+  .nonce({
+    walletAddress: owner.address,
+    chainId,
+  })
+  .then(async ({ data: nonceResult }) => {
+    const statement = `i accept exa terms and conditions`;
+    const nonce = nonceResult?.nonce ?? "";
+    const message = createSiweMessage({
+      statement,
+      resources: ["https://exactly.github.io/exa"],
+      nonce,
+      uri: `https://localhost`,
+      address: owner.address,
+      chainId,
+      scheme: "https",
+      version: "1",
+      domain: "localhost",
+    });
+    const signature = await owner.signMessage({ message });
+
+    await authClient.siwe.verify(
+      {
+        message,
+        signature,
+        walletAddress: owner.address,
+        chainId,
+      },
+      {
+        onSuccess: async (context) => {
+          const headers = new Headers();
+          headers.set("cookie", context.response.headers.get("set-cookie") ?? "");
+          const webhooks = await authClient.$fetch(`${baseURL}/api/webhook`, {
+            headers,
+          });
+          console.log("webhooks", webhooks);
+
+          // only if owner or admin roles for the organization
+          const newWebhook = await authClient.$fetch(`${baseURL}/api/webhook`, {
+            headers,
+            method: "POST",
+            body: {
+              name: "foobar",
+              url: "https://test.com",
+            },
+          });
+          console.log("new webhook", newWebhook);
+        },
+        onError: (context) => {
+          console.log("authorization error", context);
+        },
+      },
+    );
+  })
+  .catch((error: unknown) => {
+    console.error("nonce error", error);
+  });
+
+  ```
-Original file line number
+Diff line change
@@ Expand Up / @@ -77,6 +77,7 @@ @@
         "hdpi",
         "hexlify",
         "hideable",
+        "hmac",
         "hono",
         "IBMPlexMono-Medm",
         "IERC",
@@ Expand Down @@