Webhooks

Screenshotbot provides a mechanism to get notifications of events via webhooks. Webhooks are nothing but HTTP callbacks that are called from Screenshotbot to a service you own and operate.

Setting up webhooks

To set up webhooks, go to Settings -> Webhooks. Provide a Webhook endpoint, and check the Enable webhooks checkbox.

You can click the Show Signing Key to get the signing key Screenshotbot will use to sign every request. By verifying the signature of every payload, you can be sure that it was generated by us.

Secure your webhooks (recommended)

Screenshotbot sends a POST request to your service with the given payload. The payload is a JSON body, which we will describe in the next section.

Before you parse the JSON body, you might want to verify the payload. (You can skip this step if you're not doing anything sensitive with the event.)

Each request will have a header Screenshotbot-Signature that looks like t=%d,signature=%s. t is the unix timestamp in UTC when the payload was created. signature is HMAC-SHA256 of {t}.{payload}, using the signing key from the settings page.

To prevent replay attacks, you might want to verify that the timestamp in the signature was less than, say, five minutes in the past.

Debugging and Testing Webhooks

While building a service that listens to webhooks, you might have to test and debug the integration.

We provide a log of all the webhooks we have sent out in the last 30 days, and give you a way to inspect the payload that was sent, and also an option to resend failed payloads.

This let's you test your endpoint without having to manually reproduce the event in Screenshotbot each time.

Webhook events

Event channel.promotion

This event is dispatched when a promotion happens on a branch that resulted in a report.

This event has the following fields: