Webhook Basics

Creating Webhooks

You can create a webhook within our console or through our SDK

Editing a Webhook

After creating a webhook, you can edit the events and endpoint that the webhook is associated with. Please refer to the Events section for more information on the events that you can listen to.

Regenerating Webhook Secret

You can regenerate the secret associated with a webhook. This will invalidate the previous secret, and you will need to update your application to use the new secret in order to correctly verify the webhook payload.

Deleting a Webhook

After creating a webhook, you can delete it at any time. This will instantly invalidate the webhook, and Hop will no longer send any requests to the endpoint associated with the webhook.

Webhook Payload

Request Headers

With every webhook request sent to your endpoint, Hop will include a signature header. This will help you verify that the request is coming from Hop, and not a malicious/third-party source.

Header Example:

X-Hop-Hooks-Signature: 86EBE7F54A92C809CDF8F3DC6536C566A1C074F9B001E9118DF7EC433BE435E7

Request Body

When an event occurrs that the webhook is listening to, Hop will send a POST request to the endpoint you specified when creating the webhook. The request body will contain a JSON object.

Body Example:

	"webhook_id": "webhook_MTkzMDU5MTE4NzcyNDA0MjI3",
	"project_id": "project_MTY1MjU5NTk1NTAwNTY4NTc3",
	"occurred_at": "2023-10-02T15:46:13.323Z",
	"id": "event_MTkzMzkwODU2OTQwODkyMjgx",
	"event": "ignite.deployment.container.metrics_update",
	"data": {
		"metrics": {
			"memory_usage_percent": "0.07",
			"memory_usage_bytes": 393216,
			"cpu_usage_percent": "0.00"
		"container_id": "container_MTkzMDc3MjExODczMDc5MzAx"

Verify Webhook Payload

To verify the webhook payload to ensure that it is coming from Hop, we provide a utility function in the @onehop/js SDK.

Similar to the Stripe SDK, you can also construct an event to get type safe access to the webhook payload.

import {constructEvent} from '@onehop/js';

try {
	const event = constructEvent(

	console.log(event.id, event.data);
} catch (err) {
	// handle error ("Invalid signature")


For a full example using express - see here



ignite.deployment.createdDeployment Created
ignite.deployment.updatedDeployment Updated
ignite.deployment.deletedDeployment Deleted
ignite.deployment.build.createdBuild Created
ignite.deployment.build.startedBuild Started
ignite.deployment.build.updatedBuild Updated
ignite.deployment.rollout.createdRollout Created
ignite.deployment.rollout.updatedRollout Updated
ignite.deployment.container.createdContainer Created
ignite.deployment.container.updatedContainer Updated
ignite.deployment.container.metrics_updateContainer Metrics Update
ignite.deployment.container.deletedContainer Deleted
ignite.deployment.healthcheck.createdHealthcheck Created
ignite.deployment.healthcheck.updatedHealthcheck Updated
ignite.deployment.healthcheck.deletedHealthcheck Deleted
ignite.deployment.healthcheck.events.failedHealthcheck Events Failed
ignite.deployment.healthcheck.events.succeededHealthcheck Events Succeeded
ignite.deployment.gateway.createdGateway Created
ignite.deployment.gateway.updatedGateway Updated
ignite.deployment.gateway.deletedGateway Deleted


project.member.createdMember Created
project.member.updatedMember Updated
project.member.deletedMember Deleted
project.tokens.createdToken Created
project.tokens.deletedToken Deleted
project.secrets.createdSecret Created
project.secrets.updatedSecret Updated
project.secrets.deletedSecret Deleted
project.finance.transactionFinance Transaction