Skip to content

What is a Webhook

Key idea:

A webhook is a mechanism where service A issues an HTTP POST to your URL when something happens. Opposite of polling: instead of "you ask every N seconds for updates" — "the service notifies you". Typical use-cases: payments (Stripe/YooKassa webhook → /payment/completed), CI/CD (GitHub push → Jenkins), monitoring (Enterno → your webhook when a site goes down).

Below: details, example, related terms, FAQ.

Check your site →

Details

  • Receiver — a public URL accepting POST with JSON
  • HMAC signature header (X-Signature-256) — forgery protection
  • Replay protection: timestamp + nonce in payload
  • Retry with exponential backoff — receivers are not always available
  • Idempotency: receiver must tolerate seeing the same webhook 2+ times

Example

POST /webhook HTTP/1.1
X-Signature-256: sha256=abc...
Content-Type: application/json

{"event":"payment.succeeded","id":"pi_123"}

Related Terms

How Webhooks Enhance Real-Time Data Processing

Webhooks play a crucial role in real-time data processing by allowing applications to receive data instantly as events occur. Unlike traditional polling methods, where systems regularly check for updates, webhooks push data to the configured endpoint immediately after an event triggers. This leads to more efficient use of resources and faster data handling.

For example, in a typical e-commerce scenario, when a customer completes a purchase, a webhook can send a notification to the inventory management system. This system can then automatically update the stock levels in real-time without the need for manual checks or delays.

Here’s how a webhook integration might look:

  • Event Trigger: Customer completes a purchase.
  • Webhook URL: The e-commerce platform sends an HTTP POST request to https://yourdomain.com/webhook/inventory-update.
  • Payload Example:
{"product_id": "12345", "quantity": "1", "status": "purchased"}

By using webhooks, businesses can streamline their operations, improve customer satisfaction, and reduce the likelihood of errors that can occur with delayed data updates.

Configuring Webhooks in Popular Platforms

Setting up webhooks can vary depending on the platform you are using. Below are step-by-step instructions for configuring webhooks in some popular services:

1. GitHub Webhooks

To set up a webhook for a GitHub repository, follow these steps:

  1. Navigate to your repository on GitHub.
  2. Click on Settings.
  3. Select Webhooks from the sidebar.
  4. Click Add webhook.
  5. Enter your Payload URL (e.g., https://yourdomain.com/webhook/github).
  6. Choose the content type (usually application/json).
  7. Select the events you want to trigger the webhook.
  8. Click Add webhook.

2. Stripe Webhooks

For Stripe webhooks, the process is similar:

  1. Login to your Stripe account.
  2. Go to the Developers section.
  3. Click on Webhooks.
  4. Select Add endpoint.
  5. Enter your Endpoint URL (e.g., https://yourdomain.com/webhook/stripe).
  6. Select the events you wish to receive notifications for.
  7. Click Add endpoint.

By following these steps, you can effectively configure webhooks to automate workflows and improve integration between services.

Common Challenges and Solutions in Using Webhooks

While webhooks offer significant advantages, they also come with challenges that users must address to ensure reliable operation. Here are some common issues and their solutions:

1. Security Risks

Webhooks can be susceptible to unauthorized access if not properly secured. To mitigate this risk:

  • Implement authentication mechanisms, such as HMAC signatures, to verify the source of the webhook.
  • Use HTTPS to encrypt data in transit.

2. Payload Size Limits

Some platforms impose limits on the size of the payload sent via webhooks. To handle this:

  • Keep the payload as small as possible by sending only essential data.
  • Consider using a reference ID to fetch additional data from your server if needed.

3. Delivery Failures

Webhooks can fail due to various reasons, like network issues or incorrect configurations. To address delivery failures:

  • Implement retry logic on the sending service to attempt resending the webhook after a failure.
  • Log all webhook events to monitor and troubleshoot issues.

By understanding these challenges and implementing the suggested solutions, you can ensure that your webhook integrations are robust and reliable.

Learn more

Frequently Asked Questions

Webhook or polling?

Webhook = near-realtime + less load on both sides. Polling = simpler for tests + works through firewalls (outgoing only). For production choose webhook.

How do I verify a webhook is from that service?

Check the HMAC signature with a shared secret. Stripe/YooKassa document the exact algorithm (usually HMAC-SHA256).

What if the receiver is down?

The service should retry 3-5 times with exponential backoff. After final fail — store in a dead-letter queue.

Try the live tool that powered this guide

Free plan — 10 monitors, checks every 5 min, no card required. Upgrade for 1-minute interval and multi-region monitoring.