Mailgun
Signature Verification
Section titled “Signature Verification”| Property | Value |
|---|---|
| Algorithm | HMAC-SHA256 |
| Location | Within request body signature object |
| Fields | timestamp, token, signature |
Unlike most providers, Mailgun includes signature components in the request body rather than headers.
Signing formula:
hex(HMAC-SHA256("timestamp" + "token", api_key))Transyt extracts the signature.timestamp, signature.token, and signature.signature fields from the payload and verifies against your Mailgun API key.
- In the Mailgun Dashboard, go to Sending > Webhooks
- Add a webhook for each event type you want, pointing to:
https://ingest.transyt.com/mailgun/{your-account-slug}
- Use your Mailgun API key as the signing secret
Account Configuration
Section titled “Account Configuration”curl -X POST https://ingest.transyt.com/admin/accounts \ -H "X-Admin-Token: YOUR_ADMIN_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "provider": "mailgun", "account_slug": "main", "app_key": "my-app", "signing_secret_current": "your-mailgun-api-key" }'Event Type Mappings
Section titled “Event Type Mappings”| Mailgun Event | Transyt Event |
|---|---|
accepted | email.accepted |
delivered | email.delivered |
failed | email.failed |
opened | email.opened |
clicked | email.clicked |
unsubscribed | email.unsubscribed |
External ID
Section titled “External ID”The external ID is a composite of message-id:event, allowing multiple event types for the same message to be tracked separately.