Custom Webhooks

Custom webhooks are triggered by steadybit whenever e.g. an experiment has started or failed. You can configure them at Settings / Application Settings / Integrations / Custom webhook. The content type is application/json and the message is described in our OpenAPI specification as WebhookPayload.
Name
The name for this integration will not show up in the JSON body.
URL
The URL, which will receive a HTTP Post request with the JSON body
Secret
You may a specify a secret which will be used to sign the body. Verifying the signature.
optional
Team
If no team is specified, you'll receieve all events. If you do specify a team you'll only receive events relevant for this team
Events
You may select the events you want to recieve.
Verifying the Signature
If a secret is provided a signature of the body is computed using HMAC SHA-256 and sent as X-SB-Signature http header. You can use this header to verify the message.
Here is an example of doing this in Java:
private static boolean validateSignature(byte[] body, String secret, String header) throws Exception {
    //calculate the signature using the secret
    Mac mac = Mac.getInstance("HmacSHA256");
    mac.init(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
    byte[] signature = mac.doFinal(body);
​
    //remove the algorithm prefix and decode the hex to bytes[]
    byte[] receivedSignature = Hex.decode(header.replaceFirst("^hmac-sha256 ", ""));
​
    //compare using time-constant algorithm
    return MessageDigest.isEqual(signature, receivedSignature);
}

Last modified 16d ago

Name	The name for this integration will not show up in the JSON body.
URL	The URL, which will receive a HTTP Post request with the JSON body
Secret	You may a specify a secret which will be used to sign the body. Verifying the signature. optional
Team	If no team is specified, you'll receieve all events. If you do specify a team you'll only receive events relevant for this team
Events	You may select the events you want to recieve.