Webhooks vs API – What’s the difference?

Tram Ho


As we all know, communication is the main driving force in the digital age. As humans, we want technology to help us communicate faster, easier and with more people. But for that to happen, we must first figure out how to make technologies communicate with each other.

Webhook and API are two popular options used to solve that problem, both of which allow synchronization and forwarding of data between two applications.

However, both have different ways of doing this and therefore they will be used to serve slightly different purposes.

In this article, we will learn them together to see the difference and make a choice when to use it for the best results, let’s go !!!

1. Webhook

1.1 What is Webhook?

Webhooks are an extremely useful and convenient way to deploy event responses. It provides a mechanism that allows an application (server-side) to automatically notify and send real-time data to another application (client-side) whenever there is a new event (data). (to which the client-side application may be of interest) has occurred on the server (server-side).

Because Webhook works by definition of “event reaction” (don’t call me, I’ll call you if I have news). Thanks to this, the client-side app won’t need to constantly ask the server-side app to see what’s new, send it to me ???, but just “subscribe” for an event with Webhook. then lie dry waiting for server-side to send messages in place until a new event occurs (by calling webhook URL from the distribution client) =))

Webhooks are also known as Reverse APIs. In API applications, the client-side sends the request (via the API) to the server-side. However, in contrast to Webhook, the server calls the Webhook (usually a POST HTTP request) to the URL endpoint previously configured for the Webhook by the client provided and the client processes the returned result.

1.2 Setting Up Webhook

To set up a Webhook, you need to “register” a URL for the Webhook provider to send the request as needed. This also means that your application is accessible from the public web.

Normally, Webhook will POST data in two ways: JSON or XML. The provider will tell you the content or even customize the content of these provided APIs.

Webhook uses HTTP, so it can be integrated into web services without adding new infrastructure. At the same time, also easy to use, so it is increasingly widely used.

1.3 Debug a Webhook

Debugging Webhook is sometimes quite complicated because its mechanism is to operate asynchronously. So we need to trigger them and wait for the response to be received, which feels quite time consuming. However, there are a few tips that can make debugging easier:

  • Understanding what Webhook also provides, we can use RequestBin to collect and inspect the requests that Webhook sent.
  • Simulate the request using tools like cURL or Postman (I’m using Postman: v)
  • Publish code on local machine with ngrok
  • Monitor overall flow using tools such as Runscope

1.4 Webhook security

Since the Webhook provides data to publicly available URLs, it is of course possible to be vulnerable to hacking and editing the data before being returned to the client. To prevent this, all incoming connections are required to be https:

  • Add a token to the URL, as an identifier. For example:? Auth = token
  • The next option is to deploy Basic Auth. This is widely supported and easy to do.

The two solutions above are optional to be able to prevent attacks, but it also has the disadvantage of having to send the auth token along with the request. The next solution requires the Provider to sign (encrypt) the requests sent to the client and the client side will verify these signatures.

1.5 When to use Webhook

Webhooks are often used to perform small requests and tasks.

For example, when an application requires real-time updates, but we don’t want to waste a lot of resources on it. Webhook is used in this case.

Another case of using a webhook over the API is when the API is very “bad” or doesn’t have the API started. We can then create a solution that provides the data the application needs to function.

However, since Webhook is not used very often to call data and only works when new data is available, it is likely that the latest updates will not be able to get the latest updates if the system stops working for some reason. somehow.

Also, have to accept the total amount of data traffic available with a given update since there is little control over them.

2. API

2.1 Concepts

Surely you are not too unfamiliar with this concept anymore, maybe you have used or found many other articles about it already so here I will talk briefly and according to my understanding! !! ?

API is the abbreviation of Application Programming Interface (application programming interface) method to connect to libraries and other applications. It is a communication software used by various applications. Simply put, it is like the keyboard is the device used to communicate between the keyboard hero and the computer – API is a communication software between the program and the operating system.

And for the API to work, we need to make a request with data, and a response for that request. Data is usually formatted as JSON, XML or any other type. For those who have worked with Web API, it is a web page but does not have an interface that only manipulates the Database server, processes the tasks that the client sends and then responds in the form of NoSQL structures like JSON. , BJSON or XML.

API makes building HTTP services very simple and fast. Open source, fully supports MVC model or HTTP components such as: URI, request / response headers, caching, versioning, content format. Suitable for devices with limited bandwidth such as mobile, tablet.

Today, many applications are built on this model. Large applications often have multiple APIs integrated, which is convenient for scaling their services. However, real-time processing is possible with the API, but it does require some additional configuration, making the webhook the most suitable mechanism for real-time information processing.

2.2 Advantages of API

  • Stay connected anytime thanks to the Internet.
  • Two-way communication must be verified in transactions.
  • Since the communication is a two-way API, the information is very reliable.
  • Provide a person-friendly experience.
  • Deliver development solutions as developers find new uses for the exchange of APIs.
  • Configuration is simple when compared to WCF.
  • Open source.
  • Fully supports RESTful functionality.
  • Fully supports MVC components such as routing, controller, action result, filter, model binder, IoC container, dependency injection, unit test.
  • High performance.

2.3 When to use the API

The API works extremely well when you are sure of the constant changes in data. If the data is not constantly being updated, using the API will result in a waste of resources. For example, if it’s an eCommerce store that regularly has to track data or update some shipping status, the API would be the best choice.

APIs are still popular for a number of reasons:

  • Not all apps support webhook integration.
  • Sometimes you just want to know the outcome rather than every event that has changed an object.
  • Webhook can only notify you about an event, so if you want to make changes based on new information, you’ll need an API.
  • The Webhook Payload may not contain all the data you need about an event, so the API should be used for now.
  • If we are set up to use the API, we can impose a limit on the requests made in a specific time period. Some applications even limit the number of requests made from the very beginning to reduce resource consumption later.

3. The difference between Webhook and API

Through what we have learned together about Webhook and the API above, we have somehow seen the difference between them, right, let’s list some of the differences out =))

A webhook, also known as a reverse API, a web callback, or an HTTP push API is a way for one application to give other applications real-time information. It provides data when an event occurs or almost immediately.The API is a messenger that sends your request to the provider you’re asking for and then sends you back.
APIs are request-based, meaning they work on request from third-party appsWebhooks are event-based, meaning they run when a specific event occurs in the source application.
With Webhook, whenever there is an event or new data, the server will automatically notify the client, ie the API needs to “probe” the server regularly to know if there are new events arising or not. will automatically execute the request when certain criteria are metThe APIs need to “probe” the server regularly to know if new events arise or not, that is, the API will execute when there is a request (need to be instructed, send requests – receive responses).
Webhooks are less resource-intensive because they save you time constantly polling (checking) new data.In contrast to Webhook

Both APIs and Webhooks have different use cases, but if our goal is just to transfer data between two services, then Webhook is the right choice. However, if the application requires data changes frequently, then the API would be the more suitable choice.

You can use both the API and the Webhook together to create a system that can communicate the right type of data for your application.


So we have learned to give insight between the two concepts of Webhook and API, this article is considered to be the knowledge that I note after reading the document about them. There may be shortcomings, so if you are interested in the article, please give me a few comments to improve and better understand them.

Thank you for reading this article !!! (bow)



Share the news now

Source : Viblo