Webhooks & Notifications

We send a POST JSON payload to your callback URL whenever a transaction changes state.

Payload

  • status — transaction status
  • orderid — unique transaction id
  • external_id — your business id (echoed back)
  • content — base64-encoded PDF of the pré-état daté (only when status=done)
  • registration_id — national syndic id (only when allowed by contract)
  • documents — array of supporting documents (only when status=done)

Example

{
  "status": "done",
  "orderid": "order_id_12345",
  "external_id": "1221",
  "content": "JVBERi0xLjMKJeLjz9M...",
  "registration_id": "AA-XXX-XX",
  "documents": [
    {
      "id": 41,
      "doctype": 2,
      "delivered": "2025-03-12",
      "comment": "",
      "mimetype": "application/pdf",
      "url": "https://storage.example/2c8b5050b7d84f.pdf"
    }
  ]
}

Status values

  • confirmed — transaction received and confirmed
  • received — all required documents have been received
  • waiting — missing documents detected during processing
  • done — pré-état daté is ready (content contains the base64 PDF)
  • need-refresh — a refresh has been requested

Document types

Code Label Description
1 Summary sheet Key information summary for the condominium
2 Minutes Minutes of general meetings
3 Co-ownership rules Internal regulations
4 Diagnostics Global technical diagnostics
5 Asbestos diagnostic Asbestos presence status
6 Lead diagnostic Lead presence status
7 Maintenance logbook Building maintenance history
8 Plans Architectural/technical plans
9 Registration Co-ownership national registration proof
10 Other Any other document

Testing webhooks

You can simulate webhook delivery in test mode.

Endpoint: POST /order/test/webhook-events

Body

  • orderid (string)
  • event (string): one of done, waiting, received, need-refresh, confirmed

cURL

curl -X POST https://docs.maison-du-pre-etat-date.fr/api/order/test/webhook-events   -H "Content-Type: application/json"   -H "Authorization: Bearer $TOKEN"   -H "X-Auth-Key: $API_KEY"   -d '{ "orderid": "xxx", "event": "received" }'

Security notes

  • Only accept HTTPS and validate the Host and User-Agent if possible.
  • Verify payload signatures if you configure signing (recommended).
  • Idempotency: treat duplicate webhook deliveries as safe no-ops.