Register your application in the Samsara developer portal as a Marketplace App to gain access to OAuth-based multi-tenant authorization flows
During the OAuth authorization for each customer, use the customer's access token to create a dedicated webhook endpoint via the webhook create API, pointing to your HTTPS listener URL
Subscribe to the event types relevant to your use case (for example, vehicle location updates, driver HOS events, form submissions, or address geofence triggers) per the customer webhook configuration
Implement an HTTPS endpoint that verifies the Samsara webhook signature on every incoming request before processing the payload
Parse incoming events by event type, route them to the appropriate customer record using the organization or vehicle identifiers in the payload, and acknowledge receipt with a 2xx response within the timeout window
Handle webhook re-delivery: Samsara retries failed deliveries; implement idempotency keyed on the event ID to prevent duplicate processing
Known gotchas
Marketplace apps must create a separate webhook subscription per customer organization using that customer's OAuth token; a single global webhook does not cover multiple customers' data
Webhook signature verification is mandatory — skip it and you are open to replay or spoofing attacks; the Samsara documentation specifies the header and HMAC algorithm to use
Webhook event delivery is at-least-once; your consumer must be idempotent because the same event may arrive more than once, especially during Samsara infrastructure maintenance windows
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp