Webhooks
Reflex sends webhook notifications to your configured endpoints when key events occur.
Configuring webhooks
Navigate to Settings → Webhooks in your dashboard. Each webhook requires:
- URL — The HTTPS endpoint to receive notifications
- Events — Which event types to subscribe to
- Secret — A shared secret for signature verification (auto-generated)
Event types
| Event | Description |
|---|---|
deployment.started | A deployment has begun |
deployment.succeeded | A deployment completed successfully |
deployment.failed | A deployment failed |
deployment.rolled_back | A deployment was rolled back |
incident.opened | An incident was detected |
incident.resolved | An incident was resolved (manually or by playbook) |
server.connected | A server came online |
server.disconnected | A server went offline |
playbook.executed | A self-healing playbook ran |
Payload format
json
{
"id": "evt_abc123",
"type": "deployment.succeeded",
"created_at": "2026-05-04T10:30:00Z",
"data": {
"deployment_id": "dep_xyz789",
"server_id": "srv_def456",
"branch": "main",
"commit_sha": "a1b2c3d",
"duration_seconds": 42
}
}Signature verification
Every webhook request includes a signature header for verification. Code examples for verifying webhook signatures in your language are provided in your dashboard under Settings → Webhooks → Verification Guide.
Always verify the signature before processing any webhook payload.
Retry policy
Failed webhook deliveries (non-2xx response) are retried with exponential backoff up to 5 attempts. After 5 failed attempts, the webhook is marked as failing in your dashboard.
Best practices
- Respond quickly — Return a
200within 5 seconds and process asynchronously - Verify signatures — Always validate the signature header
- Handle duplicates — Use the
idfield for idempotency; the same event may be delivered more than once - Monitor failures — Check the webhook delivery log in your dashboard for failed deliveries