webhook-design
Design and consume webhooks reliably — HMAC signature verification, timestamp/replay protection, fast 2xx acknowledgement, consumer idempotency via event-id dedupe, at-least-once delivery, retries with exponential backoff + dead-letter, ordering, and payload design. Deep reference with runnable checks.
Included with Vanara Pro ($10/mo) — unlocks all 206 items. See pricing →
Overview
A webhook is a reversed API call: the provider calls you. That inversion changes every assumption. The payload is untrusted (anyone who learns your URL can POST to it), delivery is at-least-once (you *will* see duplicates), traffic is bursty (a backfill can fan out thousands of events in seconds), and ordering is not guaranteed. This skill is the deep reference for designing both sides — the produ
What it covers
- The consumer pipeline (order matters)
- Signature verification (authenticity)
- Replay protection (freshness)
- Acknowledge fast, process async
- Idempotency (duplicates are guaranteed)
- Producer side: retries, backoff, dead-letter
- Payload design
- Delivery Semantics, Retries & Dead-Letter