API
Webhooks
How Everyn sends signed run, row, export, and test events to customer endpoints.
Webhooks let Everyn notify your system when run, row, export, or test events happen. Endpoint configuration is API-managed, secrets are generated by Everyn, and delivery records stay inspectable without exposing secret material.
Webhook workflow
Create a webhook endpoint:
curl -sS -X POST "$EVERYN_BASE_URL/v1/webhook-endpoints" \
-H "Authorization: Bearer $EVERYN_API_KEY" \
-H "Idempotency-Key: webhook-001" \
-H "Content-Type: application/json" \
--data '{
"url": "https://example.com/everyn/webhooks",
"eventTypes": ["run.succeeded", "row.failed", "export.ready"],
"description": "Production webhook endpoint",
"enabled": true
}'Signing headers:
Everyn-Webhook-Id
Everyn-Webhook-Timestamp
Everyn-Webhook-Signature: v1=<lowercase hex hmac sha256>The signed content is:
<timestamp>.<raw UTF-8 body>Webhook behavior:
| Topic | Contract |
|---|---|
| Secret visibility | signingSecret is returned only on create or rotate-secret. |
| Payload shape | Thin event envelope; fetch sensitive details through authenticated API routes. |
| Endpoint URLs | Public HTTPS URLs only; unsafe local, credentialed, fragmented, or non-default-port URLs are rejected. |
| Delivery inspection | Use GET /v1/webhook-deliveries and GET /v1/webhook-deliveries/{deliveryId}. |
| Manual test | Use POST /v1/webhook-endpoints/{webhookEndpointId}/test. |
| Secret rotation | Use POST /v1/webhook-endpoints/{webhookEndpointId}/rotate-secret. |
Use the generated Webhooks API reference for endpoint details and Authentication for required scopes.