Webhooks Glossary
Actors & Core Concepts
Defines the core roles and nouns in a webhook system: who emits, who receives, what URL is hit, and the edge entry point. This matters because a shared vocabulary makes responsibilities clear, keeps implementations consistent, and speeds debugging.
Endpoint
Property | Description |
---|---|
Definition | HTTP URL that receives webhooks. Example: /webhooks/stripe (POST). |
Why it matters | Determines auth, timeout, concurrency, and routing targets. |
Hookdeck | After consuming a webhook on your behalf, Hookdeck delivers the event to your endpoint. Learn more |
Also called | listener, callback URL, webhook URL, destination URL, target URL, receiver URL, notification URL, callback endpoint, hook URL, push URL, event URL, subscriber URL, consumer endpoint, ingestion endpoint, reception point |
Related terms: Forwarding · Signature (HMAC)
Webhook body
Property | Description |
---|---|
Definition | The HTTP request payload containing the event data, usually in JSON format. |
Why it matters | The body holds the actual business event (e.g., invoice.paid , user.created ) that your app consumes. Parsing and validating it correctly is essential for correctness and security. |
Hookdeck | Hookdeck stores the raw body, exposes it in logs, and forwards it unchanged to your app unless transformations are applied. |
Also called | payload, message body, event payload, data body, webhook payload |
Related terms: Webhook header · Webhook event · Schema drift
Webhook consumer
Property | Description |
---|---|
Definition | System that receives/processes webhooks. |
Why it matters | Owns retries, idempotency, and downstream effects. |
Hookdeck | Hookdeck acts as the public-facing consumer; your app is the downstream destination. Use Hookdeck's URL instead of your endpoint. |
Also called | destination, subscriber, receiver, listener, target system, recipient, handler, processor, event consumer, webhook receiver, ingestion system, sink, destination system |
Related terms: Endpoint · Retry · Idempotency
Webhook event
Property | Description |
---|---|
Definition | Fact emitted by a provider at a point in time (immutable payload + metadata). |
Why it matters | Basis for idempotency, ordering, and schema contracts. |
Hookdeck | Hookdeck preserves event identity/metadata for tracing, dedupe, and replay. Learn more |
Also called | webhook, event, message, notification, trigger, signal, action, occurrence, incident, activity, operation, transaction, state change, update, alert, notification trigger, event notification, business event, system event, domain event |
Related terms: Idempotency · Correlation ID · Schema drift
Webhook gateway
Property | Description |
---|---|
Definition | Entry point that offers verification, middlewares and routing of webhooks. |
Why it matters | Offloads edge complexity and centralizes control/visibility. |
Hookdeck | Treat Hookdeck as your managed event gateway for webhooks. Learn more |
Also called | broker, edge, API gateway, edge gateway, message broker, event broker, ingestion gateway |
Related terms: Webhook proxy · Visibility layer · Routing
Webhook header
Property | Description |
---|---|
Definition | HTTP headers attached to a webhook request, carrying context such as event type, signature, delivery ID, and retry count. |
Why it matters | Headers are critical for authentication, tracing, and interpreting the payload; missing or tampered headers can break verification or observability. |
Hookdeck | Hookdeck preserves provider headers, adds delivery IDs and metadata, and makes them searchable in the dashboard. |
Also called | request header, HTTP header, metadata header, webhook request header |
Related terms: Webhook body · Signature (HMAC) · Correlation ID
Webhook metadata
Property | Description |
---|---|
Definition | Supplemental information attached to a webhook delivery that isn't part of the main event body (e.g., delivery ID, retry count, timestamp). |
Why it matters | Metadata enables idempotency checks, observability, and replay; it's how you distinguish retries or trace an event across systems. |
Hookdeck | Hookdeck enriches webhooks with delivery metadata (timestamps, status, attempt count) and makes it queryable for debugging or replay. |
Also called | event metadata, delivery context, webhook context, delivery attributes |
Related terms: Idempotency · Retry · Correlation ID
Webhook provider
Property | Description |
---|---|
Definition | System that emits webhook events. Example: Stripe publishes invoice.paid . |
Why it matters | Clarifies who signs requests and defines payload schema. |
Hookdeck | Hookdeck doesn't change your provider; it consumes their webhooks and normalizes intake. Learn more |
Also called | source, publisher, sender, producer, emitter, originator, broadcaster, source system, event producer, notification source, event source, webhook sender, dispatcher, initiator |
Related terms: Webhook consumer · Endpoint · Signature (HMAC)
Forwarding & Edge Proxy
Accepting webhooks at the edge and relaying them to internal destinations (including localhost during development). This matters because it hides internal surfaces, centralizes control and visibility, and reduces production risk.
Forwarding
Property | Description |
---|---|
Definition | Push received webhooks to another URL (localhost or multiple services). |
Why it matters | Hides internal services; enables fan-out and env isolation. |
Hookdeck | Forward from Hookdeck to one or many internal endpoints without exposing them. |
Also called | relay, proxy, event relay, message forwarding, webhook relay, pass-through, re-routing |
Related terms: Routing · Replay
Tunnel
Property | Description |
---|---|
Definition | Temporary public URL to localhost. |
Why it matters | Enables local development/testing without exposing prod. |
Hookdeck | Use tunnels for dev using the CLI. In prod terminate at Hookdeck, not localhost. Learn more |
Also called | reverse tunnel, localhost tunnel, dev tunnel, HTTP tunnel, secure tunnel |
Related terms: Sandbox · Forwarding
Webhook proxy
Property | Description |
---|---|
Definition | Component that terminates incoming HTTP then re-sends. |
Why it matters | Adds visibility, control, and security at the edge. |
Hookdeck | Hookdeck is your managed webhook proxy with logs and control. |
Also called | gateway, edge proxy, webhook gateway, reverse proxy, middleware proxy, intermediary |
Related terms: Visibility layer · Signature (HMAC)
Ingestion & Flow Control
Reliable intake and traffic shaping before processing—accept, buffer, queue/stream, and apply backpressure. This matters because it decouples providers from consumers, absorbs bursts, preserves durability, and keeps downstream systems stable.
Backpressure
Property | Description |
---|---|
Definition | Mechanism to slow producers when consumers lag. |
Why it matters | Prevents overload and cascading failures. |
Hookdeck | Use Hookdeck rate limits to push back safely. |
Also called | flow control, rate control, congestion control, throttle feedback |
Related terms: Rate limiting · Burst control
Buffer
Property | Description |
---|---|
Definition | Short-term storage before processing. |
Why it matters | Smooths spikes; prevents loss on crashes. |
Hookdeck | Hookdeck absorbs bursts and smooths delivery to protect services. |
Also called | queue, staging area, cache, temporary storage, holding area, event buffer |
Related terms: Queue · Burst control
Fan-in
Property | Description |
---|---|
Definition | Many providers into one ingress point. |
Why it matters | Centralizes auth/verification and reduces operational sprawl. |
Hookdeck | Receive from many providers in Hookdeck; normalize and forward internally. |
Also called | aggregation, consolidation, many-to-one, collection point, convergence |
Related terms: Ingestion · Routing
Ingestion
Property | Description |
---|---|
Definition | Reliable intake of inbound events (accept → buffer → persist → dispatch). |
Why it matters | Absorbs spikes and decouples providers from consumers. |
Hookdeck | Hookdeck is your ingress: receive, verify, buffer, then deliver. |
Also called | intake, intake pipeline, event ingestion, data ingestion, collection, event collection |
Partition
Property | Description |
---|---|
Definition | Subset/lane of an event stream. |
Why it matters | Scales processing while preserving per-key order. |
Hookdeck | Route by keys via Hookdeck to approximate partitions. |
Also called | shard, segment, slice, channel, lane, sub-stream |
Related terms: Stream · Ordering
Queue
Property | Description |
---|---|
Definition | FIFO structure for events awaiting processing. Careful not to confuse FIFO with ordering. |
Why it matters | Controls concurrency and isolation. |
Hookdeck | Deliveries queue at Hookdeck; control concurrency toward your app. |
Also called | message queue, event queue, task queue, work queue, processing queue |
Stream
Property | Description |
---|---|
Definition | Ordered partitioned log of events. |
Why it matters | Supports high-throughput ingest with partitioned ordering. |
Hookdeck | Forward from Hookdeck into your stream processor if needed. |
Also called | log, topic, event stream, message stream, data stream, event log, commit log |
Related terms: Partition · Routing
Routing & Transformation
Decide where each event goes and how its payload is shaped so consumers can act. This matters because it reduces noise and coupling, enables multiple consumers, and keeps data usable across services.
Enrichment
Property | Description |
---|---|
Definition | Add data from other systems. |
Why it matters | Provides context for smarter downstream decisions. |
Hookdeck | Do enrichment in downstream services; Hookdeck focuses on transport/control. |
Also called | hydration, augmentation, enhancement, data enrichment, context addition |
Related terms: Transformation · Routing
Fan-out
Property | Description |
---|---|
Definition | Send one event to many endpoints. |
Why it matters | Lets multiple teams/systems react to the same event. |
Hookdeck | Fan-out from Hookdeck to billing, analytics, CRM, etc. |
Also called | broadcast, multicast, one-to-many, distribution, replication, scatter |
Related terms: Forwarding · Routing
Filtering
Property | Description |
---|---|
Definition | Include/exclude events via predicates. |
Why it matters | Reduces noise and downstream cost. |
Hookdeck | Filter at Hookdeck so your app only sees relevant events. Learn more |
Also called | rules, selectors, event filtering, event selection, subscription filtering, event discrimination, topic filtering, event criteria |
Related terms: Routing · Transformation
Routing
Property | Description |
---|---|
Definition | Send events to destinations based on rules (headers, type, body fields). |
Why it matters | Ensures the right services receive relevant events. |
Hookdeck | Route by headers/body rules in Hookdeck; target the right services. |
Also called | dispatch, fan-out, event routing, message routing, distribution, directing |
Related terms: Filtering · Forwarding
Transformation
Property | Description |
---|---|
Definition | Change payload shape. |
Why it matters | Normalizes inputs across providers and versions. |
Hookdeck | After consuming a webhook, modify payload using Javascript before delivery. Learn more |
Also called | mapping, adapters, translation, conversion, reshaping, reformatting, normalization |
Related terms: Enrichment · Schema drift
Delivery Semantics
The delivery contract: what “delivered” means and what guarantees exist (acknowledgement, ordering, idempotency). This matters because it sets correct expectations, drives handler design, and informs retry/redelivery behavior.
Acknowledgement
Property | Description |
---|---|
Definition | Endpoint's confirmation of receipt (e.g., 200/204). |
Why it matters | Fast acks prevent provider retries/timeouts. |
Hookdeck | Hookdeck acks providers quickly, then delivers to your app asynchronously. |
Also called | ack, 2xx response, receipt confirmation, delivery confirmation, success response, webhook acknowledgment, reception confirmation, ACK |
Related terms: Delivery · Timeout
At-least-once
Property | Description |
---|---|
Definition | Deliveries may be duplicated but not lost. |
Why it matters | Default for most providers; requires idempotent consumers. |
Hookdeck | Embraces at-least-once; pair with idempotency/deduping. |
Also called | guaranteed delivery, reliable delivery |
Related terms: Idempotency · Retry
At-most-once
Property | Description |
---|---|
Definition | No duplicates, but loss possible. |
Why it matters | Not ideal for critical workloads. |
Hookdeck | Prefer at-least-once + idempotency instead. |
Also called | best-effort delivery, fire-and-forget |
Related terms: Delivery
Deduplication
Property | Description |
---|---|
Definition | Detect and drop duplicates. |
Why it matters | Prevents double-charging, double-sends, and data skew. |
Hookdeck | Combine provider IDs with Hookdeck delivery IDs to drop duplicates. |
Also called | de-dupe, duplicate detection, duplicate removal, duplicate filtering |
Related terms: Idempotency · Replay
Delivery
Property | Description |
---|---|
Definition | Act of sending an event to an endpoint; success = HTTP 2xx. |
Why it matters | Drives retry/backoff policy and alerting. |
Hookdeck | Hookdeck manages delivery with retries, backoff, and observability. |
Also called | dispatch, push, transmission, send, event delivery, webhook delivery, notification delivery, message delivery |
Related terms: Retry · Timeout · Latency
Exactly-once
Property | Description |
---|---|
Definition | No loss, no duplicates, ordered. |
Why it matters | Hard to guarantee over HTTP; emulate at consumer. |
Hookdeck | Achieve via idempotency + dedupe, not transport promises. |
Also called | guaranteed unique delivery, perfect delivery |
Related terms: Idempotency · Deduplication
Idempotency
Property | Description |
---|---|
Definition | Safe to process the same event more than once. |
Why it matters | Enables safe retries/replays without double effects. |
Hookdeck | Hookdeck exposes stable IDs so your app can record and skip duplicates. |
Also called | deduplicated processing, idempotent processing, duplicate safety, re-delivery safety, multiple delivery handling, replay safety |
Related terms: Retry · Replay · Correlation ID
Ordering
Property | Description |
---|---|
Definition | Sequence guarantees across deliveries. |
Why it matters | Some workflows need per-key ordering; most webhooks don't guarantee it. |
Hookdeck | Don't assume order; design consumers for out-of-order events. |
Also called | in-order delivery, sequential delivery, event ordering, message ordering, FIFO guarantee |
Related terms: Partition · Idempotency
Reliability & Recovery
Controls and patterns that keep deliveries working under failure (retry, backoff, timeouts, DLQ, replay, rate/burst limits, circuit breakers). This matters because they prevent loss, protect dependencies, and enable safe, targeted recovery.
Backoff
Property | Description |
---|---|
Definition | Increasing delay between retries. |
Why it matters | Avoids thundering herds and contention. |
Hookdeck | Hookdeck staggers retries with backoff and jitter. |
Also called | exponential backoff, progressive delay, incremental retry, graduated retry, expanding intervals, geometric backoff, progressive backoff |
Related terms: Retry · Rate limiting
Burst control
Property | Description |
---|---|
Definition | Smooth short spikes to a steady flow. |
Why it matters | Prevents overload and keeps latency predictable. |
Hookdeck | Hookdeck smooths spikes with buffering and controlled concurrency. |
Also called | smoothing, traffic shaping, load leveling, spike dampening |
Related terms: Rate limiting · Buffer
Circuit breaker
Property | Description |
---|---|
Definition | Temporarily stop calls to a failing endpoint. |
Why it matters | Prevents cascading failures and protects upstreams. |
Hookdeck | Pause or disable forwarding when an endpoint degrades. Learn more |
Also called | failure protection, automatic cutoff, endpoint protection, overload protection, failure circuit |
Related terms: Retry · Timeout
Dead Letter Queue (DLQ)
Property | Description |
---|---|
Definition | Holds permanently failed events. |
Why it matters | Stops endless retries; enables safe manual review. |
Hookdeck | Hookdeck isolates permanently failing deliveries for review and replay. |
Also called | poison queue, failed message queue, error queue, undeliverable queue, failed webhook storage, retry exhaustion queue |
Rate limiting
Property | Description |
---|---|
Definition | Cap accepted requests per time unit. |
Why it matters | Protects brittle or costly endpoints. |
Hookdeck | Throttle at Hookdeck to shield downstream services. Learn more |
Also called | throttling, request throttling, API throttling, rate control, request limiting |
Related terms: Burst control · Backoff
Replay
Property | Description |
---|---|
Definition | Re-send historical event to an endpoint. |
Why it matters | Fix bugs and recover without asking providers to resend. |
Hookdeck | Replay single events or ranges from Hookdeck. |
Also called | re-drive, reprocess, re-run, event replay, message replay, historical replay |
Related terms: Idempotency · DLQ
Retry
Property | Description |
---|---|
Definition | Re-delivery attempts after failure. |
Why it matters | Prevents loss from transient errors. |
Hookdeck | Configure Hookdeck retries so transient failures don't drop events. Learn more |
Also called | redelivery, retry attempt, retry logic, retry mechanism, resend, re-attempt, failure recovery |
Timeout
Property | Description |
---|---|
Definition | Max wait for endpoint to respond. |
Why it matters | Balances provider SLAs with processing time. |
Hookdeck | Hookdeck returns fast to providers and continues delivery to your app. Learn more |
Also called | request timeout, connection timeout, response timeout, delivery timeout, time limit, maximum wait time, deadline |
Related terms: Delivery · Latency
Security & Data Governance
Identity, transport security, access control, and data handling/retention for webhooks. This matters because it preserves integrity and confidentiality, limits blast radius, and satisfies compliance requirements.
Encryption at rest
Property | Description |
---|---|
Definition | Stored data encrypted on disk. |
Why it matters | Compliance and risk reduction. |
Hookdeck | Data is encrypted with AES-256. Retain only what you need; apply org data-at-rest policies. |
Also called | data-at-rest encryption, storage encryption, disk encryption |
Related terms: PII masking · Retention window
Encryption in transit
Property | Description |
---|---|
Definition | TLS for all network hops. |
Why it matters | Prevents eavesdropping/tampering. |
Hookdeck | Data is encrypted with TLS 1.2 or better. Terminate HTTPS at Hookdeck and forward over TLS. |
Also called | HTTPS, transport encryption, wire encryption, data-in-transit encryption |
Related terms: mTLS
IP allowlist
Property | Description |
---|---|
Definition | Only accept from trusted source IPs. |
Why it matters | Hardens ingress; reduces attack surface. |
Hookdeck | Allowlist Hookdeck egress IPs on your network; block everything else. |
Also called | whitelist, allowlist, IP filtering, source IP restriction, network filtering, IP authorization, access control list (ACL) |
Related terms: mTLS · Signature (HMAC)
mTLS
Property | Description |
---|---|
Definition | Mutual TLS between sender and receiver using client certs. |
Why it matters | Stronger identity than shared secrets. |
Hookdeck | Keep Hookdeck at the edge; use mTLS on internal hops where policy requires. |
Also called | client cert auth, two-way SSL, bidirectional TLS, two-way TLS, certificate-based authentication |
Related terms: Encryption in transit · Signature (HMAC)
OAuth (Webhook auth)
Property | Description |
---|---|
Definition | Token-based auth for receiving/forwarding requests. |
Why it matters | Standardizes access; less common for inbound webhooks. |
Hookdeck | Hookdeck forwards bearer headers if your app expects them. Learn more |
Also called | bearer tokens, token authentication, API tokens, access tokens |
Related terms: Signature (HMAC)
PII masking
Property | Description |
---|---|
Definition | Hide sensitive data at rest/in logs. |
Why it matters | Compliance and least-privilege. |
Hookdeck | Keep retention low; mask or avoid storing PII in downstream logs. |
Also called | redaction, data masking, data obfuscation, anonymization, sensitive data removal |
Related terms: Encryption at rest · Retention window
Retention window
Property | Description |
---|---|
Definition | How long events/logs are kept. |
Why it matters | Impacts privacy, cost, and compliance. |
Hookdeck | Set intentional retention; keep only what you need for replay/compliance. |
Also called | TTL, retention period, data retention, storage duration, keep-alive period |
Related terms: Replay · PII masking
Secret rotation
Property | Description |
---|---|
Definition | Regularly change signing/verifier keys. |
Why it matters | Limits blast radius of leaked/old secrets. |
Hookdeck | Rotate provider secrets in Hookdeck; overlap keys during cutovers. |
Also called | key rotation, key refresh, secret refresh, key management |
Related terms: Signature (HMAC)
Signature (HMAC)
Property | Description |
---|---|
Definition | Cryptographic proof event is from provider (verify signature header with shared secret). |
Why it matters | Prevents spoofing; only trusted events reach systems. |
Hookdeck | Verify provider signatures at Hookdeck; forward only if checks pass. Learn more |
Also called | signing secret, hash signature, message authentication code, security signature, verification signature, authentication hash, request signature, payload signature |
Related terms: IP allowlist · mTLS
Performance & SLAs
The metrics and targets for system behavior (HTTP codes, latency, throughput, SLOs/SLAs). This matters because they guide capacity planning, alerting, and performance tuning so the experience meets commitments.
HTTP 2xx/4xx/5xx
Property | Description |
---|---|
Definition | Success (2xx), client error (4xx), server error (5xx). |
Why it matters | 4xx usually stop retries; 5xx/timeouts trigger retries. |
Hookdeck | Configure per-route retry policy and alerting. |
Also called | response codes, status responses, HTTP responses, result codes, return codes |
Related terms: Retry · Timeout
Latency
Property | Description |
---|---|
Definition | Time from send to acknowledgement. |
Why it matters | Impacts user experience and SLAs. |
Hookdeck | Provider-facing latency minimized; internal delivery latency observable. |
Also called | response time, delivery latency, processing time, round-trip time |
Related terms: Timeout · Throughput
SLA / SLO
Property | Description |
---|---|
Definition | Availability/latency commitments and objectives. |
Why it matters | Guides reliability budgets and alerts. |
Hookdeck | Measure at Hookdeck routes and downstream endpoints. |
Also called | Service Level Agreement, Service Level Objective, uptime guarantee, performance targets |
Related terms: Latency · Retry
Throughput
Property | Description |
---|---|
Definition | Events processed per time unit. |
Why it matters | Capacity planning and cost control. |
Hookdeck | Buffering + rate limits let you right-size downstream capacity. |
Also called | TPS, RPS, events per second, messages per second, processing rate, event rate |
Related terms: Rate limiting · Burst control
Observability & Environments
Seeing what’s happening and testing changes safely through tracing/visibility and sandbox/staging/blue-green/mocks. This matters because it speeds debugging, makes regressions obvious, and lowers risk when shipping changes.
Blue/Green
Property | Description |
---|---|
Definition | Two prod environments for zero-downtime switch. |
Why it matters | Reduces risk during deploys and migrations. |
Hookdeck | Pause a route, then flip Hookdeck routing between blue and green during deploys. |
Also called | blue-green deployment, zero-downtime deployment, rolling deployment |
Related terms: Staging · Routing
Correlation ID
Property | Description |
---|---|
Definition | ID used to trace a single event end-to-end. |
Why it matters | Links logs across hops for debugging. |
Hookdeck | Complete logs and traceability within Hookdeck. Learn more |
Also called | trace ID, request ID, message ID, event ID, webhook ID, transaction ID, unique identifier |
Related terms: Visibility layer · Idempotency
Mock server
Property | Description |
---|---|
Definition | Simulates provider to test consumers. |
Why it matters | Enables deterministic tests without external dependencies. |
Hookdeck | Use provider fixtures/mocks; forward via Hookdeck for end-to-end tests. |
Also called | stub, test server, simulator, fake server, test double |
Related terms: Sandbox
Sandbox
Property | Description |
---|---|
Definition | Safe environment for testing webhooks. |
Why it matters | Prevents test data from polluting production. |
Hookdeck | Point provider test mode at Hookdeck sandbox project or routes; isolate from prod. |
Also called | test mode, test environment, dev environment, staging sandbox |
Related terms: Tunnel · Staging
Schema drift
Property | Description |
---|---|
Definition | Payload shape changes over time. |
Why it matters | Breaks consumers silently; must detect early. |
Hookdeck | Use Hookdeck logs to spot payload changes; alert via your observability stack. |
Also called | contract drift, schema evolution, payload drift, format drift, API versioning issues |
Related terms: Transformation · Filtering
Staging
Property | Description |
---|---|
Definition | Pre-prod environment mirroring prod. |
Why it matters | Validate fixes before live traffic. |
Hookdeck | Use separate Hookdeck project or routes per environment. |
Also called | pre-prod, UAT, pre-production, test environment |
Related terms: Blue/Green · Sandbox
Visibility layer
Property | Description |
---|---|
Definition | Central place to observe/trace webhooks. |
Why it matters | Speeds debugging and incident response. |
Hookdeck | Hookdeck centralizes logs, search, and alerts for every webhook. |
Also called | observability gateway, monitoring layer, telemetry layer, insights platform |
Related terms: Webhook proxy · Correlation ID
Gain control over your webhooks
Try Hookdeck to handle your webhook security, observability, queuing, routing, and error recovery.