Sources

A source is any service that sends the Hookdeck platform HTTP requests. For example, a third-party service sending webhooks such as Shopify and Stripe, or an internal service making an HTTP request to distribute an event to other services, external or internal.

How sources work

Each source is given a unique Hookdeck URL that can be pasted into the HTTP or webhook URL field of the sender platform, or used within code when making the HTTP request.

Once HTTP requests are received by Hookdeck via the source URL, events are ingested and routed according to your connection rules.

Hookdeck is a platform for asynchronous messaging and therefore returns a basic customizable synchronous HTTP response to the client that has invoked the source URL. It is not possible to synchronously return a response from a destination to the client (for example, the result of an API call). However, you can use an asynchonous workflow to achieve this and send the result of any work done by a destination via a webhook callback. See the Hookdeck destination response FAQ for more information.

You can customize the source URL to use your own custom domain name. See Custom Domain for more information.

Source Types

Source Types help you quickly configure sources for specific platforms and services. When you select a Source Type, Hookdeck automatically sets up the appropriate configuration including authentication methods, required headers, and response formats commonly used by that platform.

For example, selecting the "Stripe" Source Type will automatically configure the source to handle Stripe's webhook signature verification and respond with the expected 200 status code.

With generic types such as "Webhook" and "HTTP" you can still customize the configuration to match your specific need regardless of the provider is directly supported by Hookdeck.

Source Types include popular platforms like:

• ADYEN
• AIPRISE
• AIRWALLEX
• AKENEO
• AWS_SNS
• BIGCOMMERCE
• BONDSMITH
• BRIDGE
• CLOUDSIGNAL
• COMMERCELAYER
• COURIER
• CUSTOMERIO
• DISCORD
• DOCUSIGN
• EBAY
• ENODE
• FACEBOOK
• FAVRO
• FIREBLOCKS
• FISERV
• FRONTAPP
• GITHUB
• GITLAB
• GOCARDLESS
• HTTP
• HUBSPOT
• LINEAR
• LINKEDIN
• MAILCHIMP
• MAILGUN
• MANAGED
• NMI
• ORB
• OURA
• PADDLE
• PAYPAL
• PERSONA
• PIPEDRIVE
• POLAR
• POSTMARK
• PRAXIS
• PROPERTY-FINDER
• PUBLISH_API
• PYLON
• RAZORPAY
• RECHARGE
• REPAY
• REPLICATE
• SANITY
• SENDGRID
• SHOPIFY
• SHOPLINE
• SLACK
• SMILE
• SOLIDGATE
• SQUARE
• STRAVA
• STRIPE
• SVIX
• SYNCTERA
• TALLY
• TEBEX
• TELNYX
• THREE_D_EYE
• TIKTOK
• TOKENIO
• TREEZOR
• TRELLO
• TWILIO
• TWITCH
• TWITTER
• TYPEFORM
• UPOLLO
• VERCEL
• VERCEL_LOG_DRAINS
• WEBHOOK
• WHATSAPP
• WIX
• WOOCOMMERCE
• WORKOS
• XERO
• ZENDESK
• ZOOM

Content-types

Hookdeck aims to be compatible with every API provider and with common HTTP event payloads. To accomplish this, we remain platform-agnostic and ingest requests (up to 10 MiB) with one of the following content-types:

• text/plain
• text/xml
• application/json
• application/x-www-form-urlencoded
• application/xml
• application/*+json
• application/jwt
• application/x-ndjson
• multipart/form-data

If you encounter a problem integrating a specific API provider, send us a message.

Create a source

Creating a source allows Hookdeck to begin receiving and routing events sent from a specific origin.

{
  "name": "shopify"
}

{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Custom methods

POST, PUT, PATCH, and DELETE requests are accepted by default. GET requests are not accepted by default, but you can enable them in the Source Configuration > Advanced Source Configuration section when creating or updating your sources.

You can also enable them explicitly by using a x-hookdeck-allow-methods query string parameter in your Hookdeck source URL.

?x-hookdeck-allow-methods=get

Custom responses

Some API vendors modify their behavior based on the response they receive from a request. For these providers, Hookdeck supports setting custom responses to satisfy their requirements.

You can also use query string parameter x-hookdeck-response to explicitly customize the response. Append one of the following query parameters to the Hookdeck-provided source URL to achieve the desired response.

Add source authentication

Requests can optionally be authenticated. While Source Types come with recommended authentication settings, you can customize these as needed. Hookdeck supports generic authentication options, HMAC, Basic Auth, and API Keys, which cover the majority of authentication providers.

If you've selected a specific Source Type, the authentication method will be pre-configured according to that platform's requirements. You'll only need to provide the necessary credentials.

Configure how incoming requests from a source are authenticated.

{
  "name": "shopify"
}

{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

All secrets are AES encrypted.

In the connection's page, your source will now have a shield icon next to it.

Edit source authentication

Edit a source to update the authentication method or change the credentials.

{
  "name": "shopify"
}

{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Remove source authentication

Removing authentication from a source will stop the authentication and verification of any incoming requests and all requests will be accepted.

{
  "name": "shopify"
}

{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Edit a source

Editing a source lets you change the name of a source in your project.

{
  "name": "shopify"
}

{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Once a source has been renamed, its name is updated throughout the project and within any associated connection(s).

Disable a source

Disabling a source temporarily halts inbound requests at the associated Hookdeck URL. An HTTP 200 status code will still be returned for any request received on your Source URL.

This process also disables all the connections that are associated to that source.

{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": "2021-08-02T14:12:57.370Z",
  "updated_at": "2021-08-02T14:12:57.383Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Enable a source

Enabling a source returns that source to its previously active state.

{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW",
  "team_id": "tm_nlcetVe8k1lMAY0KR0OxNuHr",
  "disabled_at": null,
  "updated_at": "2021-08-02T14:12:57.327Z",
  "created_at": "2021-08-01T21:29:41.788Z",
  "name": "shopify",
  "type": "WEBHOOK",
  "url": "https://hkdk.events/9YmY0SHklrv6zBQz78cKGwSW",
  "config": {
    "allowed_http_methods": [
      "PUT",
      "PATCH",
      "DELETE",
      "POST"
    ],
    "custom_response": null,
    "auth_type": null,
    "auth": null
  }
}

Hookdeck will resume ingesting requests from the enabled source. You may need to enable the associated connection(s) when the source was disabled or create new connections. Requests received from the source while it was disabled will not be available for replay.

Delete a source

Deleting a source permanently disables inbound requests at the associated Hookdeck URL. Hookdeck will return an HTTP 410 status code for any request received on your Source URL.

Associated event and request data is retained for the remainder of your retention window and will be displayed with a Source Deleted label.

This process also deletes all the connections that rely on the source.

{
  "id": "src_9YmY0SHklrv6zBQz78cKGwSW"
}

Once a source has been deleted, it will disappear from your list of sources and the Connections page.