Webhooks Overview
Receive real-time notifications for events
Webhooks Overview
Webhooks allow you to receive real-time notifications when events occur in your APIMW account.
How Webhooks Work
┌─────────────┐ Event occurs ┌─────────────┐
│ APIMW │ ──────────────────► │ Your App │
│ Platform │ POST request │ /webhook │
└─────────────┘ └─────────────┘
│ │
│ 200 OK (acknowledge) │
│ ◄──────────────────────────────────┘- An event occurs (message sent, delivered, etc.)
- APIMW sends a POST request to your webhook URL
- Your server processes the event
- Return 200 OK to acknowledge receipt
Setting Up Webhooks
1. Create a Webhook Endpoint
Your endpoint must:
- Accept POST requests
- Return 200 OK quickly (within 5 seconds)
- Handle duplicate events (idempotency)
2. Register Your Webhook
curl -X POST https://api.apimw.com/v1/webhooks \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"url": "https://yourapp.com/webhooks/apimw",
"events": ["message.sent", "message.delivered", "message.received"],
"secret": "your_webhook_secret"
}'3. Verify Webhook Signatures
Always verify the signature to ensure webhooks are from APIMW.
Retry Policy
If your endpoint fails to respond with 200 OK:
| Attempt | Delay |
|---|---|
| 1 | Immediate |
| 2 | 1 minute |
| 3 | 5 minutes |
| 4 | 30 minutes |
| 5 | 2 hours |
After 5 failed attempts, the webhook is disabled.
Best Practices
- Respond Quickly - Return 200 OK immediately, process async
- Handle Duplicates - Events may be sent more than once
- Verify Signatures - Always validate webhook authenticity
- Use HTTPS - Webhook URLs must use HTTPS
- Log Events - Keep logs for debugging