Webhooks ​
Webhooks are mostly just servers calling other server APIs during some event.
Why? ​
Clients are mostly unreliable, untrusted and insecure. eg, Suppose client succeeds in completing a payment, but then their internet is unreliable, so they could not make a request to the API with confirmation. Also, we cannot completely trust the client in such cases.
How? ​
A webhook calls another API when an event occurs. Usually, security measures like HTTPS and private-key signing is used to verify the authenticity of the origin. Also, resilience algorithms like Exponential Backoff Algorithms may be implemented in the webhook in case of failed requests.