← recall

webhook pattern

Server pushes events to a URL the client previously registered. Real-time delivery, but you've inverted the trust boundary — the server now makes outbound calls into your network.

Server pushes events to a URL the client previously registered. Real-time delivery, but you've inverted the trust boundary — the server now makes outbound calls into your network.

symptoms

• lost events when receiver is down
• duplicate deliveries on retry
• auth complexity (verifying sender)

causes

• polling too slow / wasteful
• need real-time event push

fixes

• idempotent receivers
• signature verification (HMAC)
• retry with backoff on non-2xx
• dead-letter for unrecoverable deliveries

you might say

• fire a webhook
• register a callback URL

related

• polling
• long-polling
• outbox-pattern
• dead-letter-queue

aliases: callback url, reverse api

topics: api-design

references:

• Stripe — Webhooks