A webhook in web development is a method of augmenting or altering the behavior of a web page, or web application, with custom callbacks. These callbacks may be maintained, modified, and managed by third-party users and developers who may not necessarily be affiliated with the originating website or application. The term "webhook" was coined by Jeff Lindsay in 2007 from the computer programming term hook.
The format is usually JSON. The request is done as a HTTP POST request. The receiving endpoint can choose to whitelist certain IP addresses from known sources. The webhook can include information about what type of event it is, and a secret or signature to verify the webhook. GitHub and Stripe sign their requests using an HMAC signature included as an HTTP header. Facebook signs their requests using SHA-1. The client can also establish the connection using a TLS client certificate which the endpoint can verify.
Webhooks are "user-defined HTTP callbacks". They are usually triggered by some event, such as pushing code to a repository or a comment being posted to a blog. When that event occurs, the source site makes an HTTP request to the URL configured for the webhook. Users can configure them to cause events on one site to invoke behavior on another.
Common uses are to trigger builds with continuous integration systems or to notify bug tracking systems. Because webhooks use HTTP, they can be integrated into web services without adding new infrastructure.
- Web hook to revolutionize the web, archived from the original on 2018-06-30
- "Checking Webhook Signatures". Stripe. Stripe, Inc. Retrieved 12 May 2019.
- "Getting Started - Graph API - Documentation - Facebook for Developers". Facebook. Facebook, Inc. Retrieved 12 May 2019.
- "Webhooks". Atlassian. Retrieved 2019-09-24.]
- About Webhooks - GiHhub Help
- WordPress Webhooks
- Jenkins GitHub Commit Hooks HOWTO, archived from the original on 2015-09-25
- Google Project Hosting - Post-Commit Web Hooks
- What are WebHooks and How Do They Enable a Real-time Web?