Sources

A source is a representation of a service that sends HTTP requests to the Hookdeck Event Gateway. For example, a third-party service sending webhooks, such as Shopify and Stripe, or an internal service making an HTTP request to distribute an event to other services, external or internal.

How sources work

Each source is given a unique Hookdeck URL that can be pasted into the HTTP or webhook URL field of the sender platform, or used within code when making the HTTP request.

Once HTTP requests are received by Hookdeck via the source URL, events are ingested and routed according to your connection rules.

Hookdeck is a platform for asynchronous messaging and therefore returns a basic customizable synchronous HTTP response to the client that has invoked the source URL. It is not possible to synchronously return a response from a destination to the client (for example, the result of an API call). However, you can use an asynchonous workflow to achieve this and send the result of any work done by a destination via a webhook callback. See the Hookdeck destination response FAQ for more information.

You can customize the source URL to use your own custom domain name. See Custom Domain for more information.

Source Types

Source Types help you quickly configure sources for specific platforms and services. When you select a Source Type, Hookdeck automatically sets up the appropriate configuration including authentication methods, required headers, and response formats commonly used by that platform.

For example, selecting the "Stripe" Source Type will automatically configure the source to handle Stripe's webhook signature verification and respond with the expected 200 status code.

With generic types such as "Webhook" and "HTTP" you can still customize the configuration to match your specific need regardless of the provider is directly supported by Hookdeck.

Source Types include popular platforms like:

Content-types

Hookdeck aims to be compatible with every API provider and with common HTTP event payloads. To accomplish this, we remain platform-agnostic and ingest requests (up to 10 MiB) with one of the following content-types:

  • text/plain
  • text/xml
  • application/json
  • application/x-www-form-urlencoded
  • application/xml
  • application/*+json
  • application/jwt
  • application/x-ndjson
  • multipart/form-data

If you encounter a problem integrating a specific API provider, send us a message.

Create a source

Creating a source allows Hookdeck to begin receiving and routing events sent from a specific origin.

  1. Follow the instructions for creating a connection
  2. When configuring the source, select the appropriate Source Type from the dropdown
  3. Configure any additional settings specific to your chosen Source Type
POST
/2025-01-01/sources
Request body example
Copied JSON 
{
  "name": "shopify"
}
Response example
Copied JSON 
{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Custom methods

POST, PUT, PATCH, and DELETE requests are accepted by default. GET requests are not accepted by default, but you can enable them in the Source Configuration > Advanced Source Configuration section when creating or updating your sources.

HTTP Methods in the advanced configuration section in Source form

You can also enable them explicitly by using a x-hookdeck-allow-methods query string parameter in your Hookdeck source URL.

?x-hookdeck-allow-methods=get

Custom responses

Some API vendors modify their behavior based on the response they receive from a request. For these providers, Hookdeck supports setting custom responses to satisfy their requirements.

Customize Response in Source form

You can also use query string parameter x-hookdeck-response to explicitly customize the response. Append one of the following query parameters to the Hookdeck-provided source URL to achieve the desired response.

ResponseQuery parameter exampleBehavior
Empty?x-hookdeck-response=null or ?x-hookdeck-responseHookdeck responds with an empty body
Text?x-hookdeck-response[text]=Hello+WorldHookdeck responds with the text Hello World
JSON?x-hookdeck-response[json]=%7B%22message%22%3A%22Hello%20World%22%7DHookdeck responds with the specified JSON
XML?x-hookdeck-response[xml]=<root><child></child></root>Hookdeck responds with the specified XML

Add source authentication

Requests can optionally be authenticated. While Source Types come with recommended authentication settings, you can customize these as needed. Hookdeck supports generic authentication options, HMAC, Basic Auth, and API Keys, which cover the majority of authentication providers.

If you've selected a specific Source Type, the authentication method will be pre-configured according to that platform's requirements. You'll only need to provide the necessary credentials.

Configure how incoming requests from a source are authenticated.

  1. Open the Connections page.
  2. Click the source you want to authenticate.
  3. Click Open Source.
  4. Under Advanced Source Configuration, toggle the Source Authentication switch and select the appropriate authentication method from the dropdown.
  5. Enter the information required by the authentication method.
  6. Click Save.
PUT
/2025-01-01/sources/:id
Request body example
Copied JSON 
{
  "name": "shopify"
}
Response example
Copied JSON 
{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

All secrets are AES encrypted.

In the connection's page, your source will now have a shield icon next to it.

Edit source authentication

Edit a source to update the authentication method or change the credentials.

  1. Open the Connections page.
  2. Click the source you want to edit the authentication method for.
  3. Click Open Source.
  4. Scroll to Source Authentication under Advanced Source Configuration, and change the authentication method and related credentials.
  5. Click Save.
PUT
/2025-01-01/sources/:id
Request body example
Copied JSON 
{
  "name": "shopify"
}
Response example
Copied JSON 
{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Remove source authentication

Removing authentication from a source will stop the authentication and verification of any incoming requests and all requests will be accepted.

  1. Open the Connections page.
  2. Click the source you want to remove authentication from.
  3. Click Open Source.
  4. Under Advanced Source Configuration, toggle off the Source Authentication switch.
  5. Click Save.
PUT
/2025-01-01/sources/:id
Request body example
Copied JSON 
{
  "name": "shopify"
}
Response example
Copied JSON 
{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Edit a source

Editing a source lets you change the name of a source in your project.

  1. Open the Connections page.
  2. Click the source you want to edit.
  3. You can edit the source from inside the popup or click Open Source to edit in full page.
  4. Click Save.
PUT
/2025-01-01/sources/:id
Request body example
Copied JSON 
{
  "name": "shopify"
}
Response example
Copied JSON 
{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Once a source has been renamed, its name is updated throughout the project and within any associated connection(s).

Disable a source

Disabling a source temporarily halts inbound requests at the associated Hookdeck URL. An HTTP 200 status code will still be returned for any request received on your Source URL.

This process also disables all the connections that are associated to that source.

  1. Open the Connections page.
  2. Click the source you wish to disable.
  3. Click ••• button in the bottom right corner of the popup.
  4. Click Disable Source.
PUT
/2025-01-01/sources/:id/disable
Response example
Copied JSON 
{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": "2021-08-02T14:12:57.370Z",
  "updated_at": "2021-08-02T14:12:57.383Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Enable a source

Enabling a source returns that source to its previously active state.

  1. Open the Connections page.
  2. Click the disabled source you wish to enable.
  3. Click ••• button in the bottom right corner of the popup.
  4. Click Enable Source.
PUT
/2025-01-01/sources/:id/enable
Response example
Copied JSON 
{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Hookdeck will resume ingesting requests from the enabled source. You may need to enable the associated connection(s) when the source was disabled or create new connections. Requests received from the source while it was disabled will not be available for replay.

Delete a source

Deleting a source permanently disables inbound requests at the associated Hookdeck URL. Hookdeck will return an HTTP 410 status code for any request received on your Source URL.

Associated event and request data is retained for the remainder of your retention window and will be displayed with a Source Deleted label.

This process also deletes all the connections that rely on the source.

  1. Open the Connections page.
  2. Click the source you wish to delete.
  3. Click ••• button in the bottom right corner of the popup.
  4. Click Delete Source.
  5. Click Delete in the confirmation dialog.
DELETE
/2025-01-01/sources/:id
Response example
Copied JSON 
{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW"
}

Once a source has been deleted, it will disappear from your list of sources and the Connections page.

<- Previous Connections Next -> Destinations