API Reference

Webhooks

Outbound HTTPS callbacks signed with HMAC-SHA-256.

Delivery semantics

Deliveries are at-least-once. Always treat your endpoint as idempotent — store and short-circuit on the id field of the payload.
Each event is delivered with a deterministic partition_key so two deliveries for the same key never overlap. This preserves causal ordering per resource.
A delivery is considered successful on any 2xx response within 10 seconds. Any other outcome is retried with exponential backoff: 30s, 1m, 5m, 30m, 2h, 6h, then daily up to 72h.
Endpoints that fail for 24h are marked disabled and stop receiving traffic until you re-enable them.

Security

Endpoint URLs must be https://. Private IPs, cloud-metadata addresses, and *.ceevee.cc are rejected at registration to prevent SSRF.
We resolve the host at every delivery and refuse to send if DNS now resolves to a private range.
Signing secrets rotate without downtime: the old secret is honoured for 24h alongside the new one.

REST endpoints

POST/v1/webhook_endpoints

webhooks:manage

GET/v1/webhook_endpoints

List your active endpoints.

webhooks:manage

GET/v1/webhook_endpoints/{id}

Read an endpoint's configuration and status.

webhooks:manage

PATCH/v1/webhook_endpoints/{id}

Update URL, subscribed events, or description.

webhooks:manage

DELETE/v1/webhook_endpoints/{id}

Disable an endpoint. History is preserved.

webhooks:manage

POST/v1/webhook_endpoints/{id}/rotate_secret

Issue a new signing secret. Old secret is honoured for 24h.

webhooks:manage

POST/v1/webhook_endpoints/{id}/test

Trigger a webhook.test delivery for end-to-end verification.

webhooks:manage

GET/v1/webhook_endpoints/{id}/deliveries

Page through delivery history with status, response, and timing.

webhooks:manage

POST/v1/webhook_endpoints/{id}/deliveries/{delivery_id}/replay

Manually re-deliver a past event.

webhooks:manage

Use the SDK verifier

Our official SDK exposes verifyWebhookSignature() which performs constant-time comparison and a five-minute clock-skew check. Prefer it over a hand-rolled HMAC verifier.

Delivery semantics

Deliveries are at-least-once. Always treat your endpoint as idempotent — store and short-circuit on the id field of the payload.

Each event is delivered with a deterministic partition_key so two deliveries for the same key never overlap. This preserves causal ordering per resource.

A delivery is considered successful on any 2xx response within 10 seconds. Any other outcome is retried with exponential backoff: 30s, 1m, 5m, 30m, 2h, 6h, then daily up to 72h.

Endpoints that fail for 24h are marked disabled and stop receiving traffic until you re-enable them.

Security

Endpoint URLs must be https://. Private IPs, cloud-metadata addresses, and *.ceevee.cc are rejected at registration to prevent SSRF.

We resolve the host at every delivery and refuse to send if DNS now resolves to a private range.

Signing secrets rotate without downtime: the old secret is honoured for 24h alongside the new one.

REST endpoints

POST/v1/webhook_endpoints

webhooks:manage

GET/v1/webhook_endpoints

List your active endpoints.

webhooks:manage

GET/v1/webhook_endpoints/{id}

Read an endpoint's configuration and status.

webhooks:manage

PATCH/v1/webhook_endpoints/{id}

Update URL, subscribed events, or description.

webhooks:manage

DELETE/v1/webhook_endpoints/{id}

Disable an endpoint. History is preserved.

webhooks:manage

POST/v1/webhook_endpoints/{id}/rotate_secret

Issue a new signing secret. Old secret is honoured for 24h.

webhooks:manage

POST/v1/webhook_endpoints/{id}/test

Trigger a webhook.test delivery for end-to-end verification.

webhooks:manage

GET/v1/webhook_endpoints/{id}/deliveries

Page through delivery history with status, response, and timing.

webhooks:manage

POST/v1/webhook_endpoints/{id}/deliveries/{delivery_id}/replay

Manually re-deliver a past event.

webhooks:manage