Webhooks

Autonoma webhooks provide real-time notifications when important events occur in your autonomous development lifecycle. Keep your systems synchronized with instant updates.

What are Webhooks?

Webhooks are HTTP callbacks that Autonoma sends to your server when specific events occur. They enable real-time integration with your existing tools and workflows.

Available Webhook Events

Code Events

  • code.generated - When autonomous agents generate new code
  • code.reviewed - When code review is completed
  • code.merged - When code is merged to main branch

Deployment Events

  • deployment.started - When deployment begins
  • deployment.completed - When deployment succeeds
  • deployment.failed - When deployment fails
  • deployment.rollback - When rollback is triggered

Security Events

  • security.vulnerability_detected - When vulnerability is found
  • security.vulnerability_fixed - When vulnerability is patched
  • security.compliance_check - When compliance scan completes

System Events

  • system.anomaly_detected - When anomaly is detected
  • system.self_healing_triggered - When self-healing starts
  • system.performance_alert - When performance degrades

Setting Up Webhooks

1. Configure Webhook Endpoint

# Via Autonoma CLI
autonoma webhook create \
  --url https://your-domain.com/webhooks/autonoma \
  --events code.generated,deployment.completed \
  --secret your-webhook-secret

# Via API
curl -X POST https://api.autonoma.ai/v1/webhooks \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{
    "url": "https://your-domain.com/webhooks/autonoma",
    "events": ["code.generated", "deployment.completed"],
    "secret": "your-webhook-secret"
  }'

2. Handle Webhook Requests

// Node.js Example
app.post('/webhooks/autonoma', (req, res) => {
  const signature = req.headers['x-autonoma-signature'];
  const event = req.body;
  
  // Verify webhook signature
  if (!verifyWebhookSignature(signature, req.body, webhookSecret)) {
    return res.status(401).send('Unauthorized');
  }
  
  // Handle different event types
  switch(event.type) {
    case 'code.generated':
      console.log('New code generated:', event.data);
      // Your custom logic here
      break;
      
    case 'deployment.completed':
      console.log('Deployment completed:', event.data);
      // Your custom logic here
      break;
  }
  
  res.status(200).send('OK');
});

Security

Webhook Signature Verification

Always verify the webhook signature to ensure requests are from Autonoma:

const crypto = require('crypto');

function verifyWebhookSignature(signature, payload, secret) {
  const expectedSignature = crypto
    .createHmac('sha256', secret)
    .update(JSON.stringify(payload))
    .digest('hex');
    
  return signature === `sha256=${expectedSignature}`;
}

Best Practices

Use HTTPS endpoints

Always use HTTPS for webhook endpoints to ensure data security

Implement retry logic

Handle temporary failures gracefully with exponential backoff

Process asynchronously

Return 200 quickly and process webhook data in the background

Monitor webhook health

Track failed deliveries and response times in your dashboard

Need Help?

Our team is here to help you integrate Autonoma webhooks with your systems.

View Full DocsContact Support