Home

webhooks

Webhooks are a user-defined HTTP callback mechanism that enables real-time communication between services. A source system emits events and sends notifications to a URL provided by the consumer. When a specified event occurs, the provider issues an HTTP request to the endpoint, typically a POST, carrying a payload that describes the event, often in JSON or form-encoded data. The receiving application processes the payload and responds with an appropriate HTTP status; a 2xx response is usually considered a successful delivery, while 4xx indicates a client error and 5xx a temporary server error that may trigger retries.

Key components include the event type, the payload, the destination URL, and a security mechanism such as

Delivery and reliability: webhooks depend on the sender’s ability to reach the endpoint. Because delivery is

Use cases: common in continuous integration, payment processing, version-control and issue-tracking platforms, chat and collaboration tools,

Security considerations: expose a public endpoint with TLS, validate signatures, and consider IP whitelisting where possible.

a
shared
secret
or
cryptographic
signature
to
verify
authenticity.
Many
systems
provide
headers
or
signatures
(for
example,
an
HMAC)
to
validate
that
a
request
truly
originates
from
the
sender.
asynchronous,
endpoints
should
be
idempotent
and
capable
of
handling
retries
gracefully.
Some
providers
retry
with
exponential
backoff
on
failure.
Payload
formats
are
not
standardized,
so
clients
must
implement
parsing
according
to
the
sender’s
schema.
and
workflow
automation.
They
are
often
contrasted
with
polling-based
integrations,
offering
lower
latency
and
reduced
server
load.
Minimize
exposed
surface
area,
implement
rate
limiting,
and
consider
replay
protection
to
guard
against
reused
requests.