Webhooks - Event Notifications
Instant JSON Validation and Transformation
Configure automated event listeners to receive real-time alerts when validation jobs complete, schemas update, or transformation pipelines finish processing. Integrate directly with Jenkins, Slack, or your custom CI/CD orchestration layer.
Endpoint Configuration
Attach webhook listeners to specific project IDs or global workspace events. Each listener requires a publicly reachable HTTPS endpoint capable of accepting `POST` requests with `application/json` content-type. JSONForge routes events through our Frankfurt and Virginia edge nodes to minimize latency.
Validation Triggers
Fire notifications when `drone-schema-compiler` finishes a batch run. Configure thresholds for failed schemas, deprecated property usage, or draft-07 to draft-2019-09 migration warnings.
Transformation Jobs
Monitor `jolt-transformer` and `jsonata-engine` pipelines. Receive callbacks on successful payload restructuring, type coercion completions, or when output size exceeds the 12MB concurrency limit.
Rate Limiting & Queues
Listeners automatically inherit your workspace quota. If your endpoint returns `429 Too Many Requests`, JSONForge pauses dispatch for 30 seconds and switches to exponential backoff.
Payload Structure & Retry Logic
Every webhook dispatch contains a standardized envelope wrapping the event metadata and job results. We guarantee exactly-once delivery semantics for critical pipeline events, with a maximum retry window of 6 hours.
Standard Envelope Fields: `event_id`, `timestamp`, `source_ip`, `workspace_slug`, `event_type`
The `data` object varies by trigger. Validation events include `schema_uri`, `validation_errors[]`, and `compliance_score`. Transformation events expose `input_hash`, `output_format`, `records_processed`, and `execution_ms`. All payloads are compressed via gzip by default; append `Accept-Encoding: identity` to receive raw JSON.
Retry policy follows a 1-2-4-8 minute interval schedule. After three consecutive `5xx` responses, the listener is marked `degraded` in your dashboard. We purge failed queues after 1440 minutes to prevent stale state accumulation.
Signature Verification & HMAC
Protect your endpoints from spoofed requests by validating the `X-JSONForge-Signature-256` header. We compute an HMAC-SHA256 digest using your workspace secret and the raw request body.
Verification Header Format: `t=<unix_timestamp>,v1=<hex_signature>`
Generate a new signing secret via the workspace settings panel. Rotate secrets without downtime by maintaining two active keys; JSONForge signs outgoing payloads with the primary key until the secondary key is promoted. Always verify the timestamp against a 5-minute tolerance window to prevent replay attacks.
For enterprise VPC endpoints, TLS 1.2+ is enforced. Client certificate pinning is available for `jsonforge-pro` tiers. Disable public internet access by restricting ingress to your internal load balancer CIDR range `10.0.0.0/16`.