Webhooks are HTTP callbacks that enable event-driven communication between systems by pushing data in real-time when specific events occur, eliminating the need for polling. They form the backbone of modern API integrations, powering notifications in platforms like Stripe, GitHub, Shopify, and Twilio. Unlike traditional request-response APIs, webhooks are asynchronous — the provider sends an HTTP POST to your endpoint when something happens, and you acknowledge receipt with a 2xx status code. The key challenge: webhooks fail silently from your perspective, so robust signature verification, idempotency, retry logic, and observability are critical. Master these patterns and you'll build integrations that developers trust.
What This Cheat Sheet Covers
This topic spans 20 focused tables and 112 indexed concepts. Below is a complete table-by-table outline of this topic, spanning foundational concepts through advanced details.
Table 1: Core Webhook Concepts
| Concept | Example | Description |
|---|---|---|
Provider sends POST /webhook with event payload | • HTTP callback triggered by events • provider pushes data to consumer's URL in real-time | |
Stripe emits payment.succeeded | System that generates events and sends webhook payloads to registered endpoints | |
Your server receives webhook at /api/webhooks/stripe | Application that receives webhook POST requests and processes event data | |
https://api.example.com/_webhooks/github | Public HTTPS URL where provider sends webhook POST requests | |
{"event":"order.created","data":{...}} | JSON body containing event metadata and data sent in webhook POST request |