Webhook Destination
The webhook destination sends events to any HTTP endpoint, with optional HMAC signing for security.
Configuration
Section titled “Configuration”{ "destination_type": "webhook", "name": "Backup Endpoint", "config": { "url": "https://backup.example.com/webhooks", "secret": "optional-signing-secret" }}| Field | Required | Description |
|---|---|---|
url | Yes | The URL to POST events to |
secret | No | If provided, deliveries are signed with HMAC-SHA256 |
Signed Deliveries
Section titled “Signed Deliveries”When a secret is provided, the webhook destination includes the same signature headers as primary delivery:
X-Gateway-Signature: {HMAC-SHA256 hex digest}X-Gateway-Timestamp: {unix timestamp}The signature formula is identical to primary delivery verification.
Payload
Section titled “Payload”The payload is the same Transyt envelope format used for primary delivery:
{ "event_id": "550e8400-e29b-41d4-a716-446655440000", "provider": "stripe", "account_slug": "my-app", "event_type": "charge.succeeded", "external_id": "evt_1234567890", "payload": { "..." }}Example
Section titled “Example”Create a webhook destination that fires only when primary delivery fails:
curl -X POST https://ingest.transyt.com/admin/accounts/{account_id}/destinations \ -H "X-Admin-Token: YOUR_ADMIN_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "destination_type": "webhook", "name": "Failure Backup", "config": { "url": "https://backup.example.com/webhooks", "secret": "backup-signing-secret" }, "condition": "delivery_failed" }'