website logo
⌘K
Help and Documentation
Introduction to Rootly
Quick Start Guide
Managing Incidents
Manage Action Items
Managing Users
Managing Teams
Status Pages
Timeline
Postmortems
Playbooks
Workflows
Alerts
Pulses
Metrics
API Reference
Webhooks
Liquid
Contacting Support
Integrations
Overview
Slack
Mattermost
PagerDuty
Opsgenie
VictorOps (Splunk On-Call)
Service Now
Nobl9
Jira
Jira ( On premise )
Confluence
Confluence ( On premise )
Google Docs
Notion
Quip
Dropbox Paper
Asana
Linear
Freshservice
Trello
Shortcut ( formerly Clubhouse )
Statuspage.io
Airtable
Zendesk
Zoom
Webex
Microsoft Teams
GoToMeeting
Google Meet
Twitter
GitHub
Gitlab
AWS Elastic Beanstalk
Heroku
Kubernetes
Datadog
Honeycomb
Backstage
New Relic
Looker
Grafana
Email
SMTP
SendGrid
Sentry
Rollbar
Zapier
API
Terraform
Pulumi
HashiCorp Vault
SSO (Okta, Azure, Auth0, etc.)
SCIM
Docs powered by
Archbee
Help and Documentation

Webhooks

4min

Payload

Each event payload is a JSON object with properties event and data objects. The event object holds the event, and the data property holds a representation of the resource at the time the event was issued.

Supported Events

Event Payloads



incident.created incident.updated incident.mitigated incident.resolved incident.cancelled incident.deleted incident.scheduled.created incident.scheduled.updated incident.scheduled.in_progress incident.scheduled.completed incident.scheduled.deleted incident_post_mortem.created incident_post_mortem.updated incident_post_mortem.published incident_post_mortem.deleted alert.created pulse.created

Verifying Webhooks

Each webhook HTTP request includes a X-Rootly-Signature header, used to verify the request came from Rootly. The signature header contains a timestamp prefixed with t= and a signature prefixed with v= .

Text
|
X-Rootly-Signature:
t=1492774588,
v1=6657a869e8ecebeda32affa62cdca3fa51cad7e77a0e56ff536d0ce8e108d8bd


To verify the request, concatenate the timestamp with the request body and generate a SHA256 HMAC digest using the webhook secret available in the webhook configuration. The HMAC digest should match the provided signature.

Ruby
|
header = request.headers['X-Rootly-Signature']
timestamp = header.split(',').first.split('t=').last
signature = header.split(',').last.split('v1=').last
secret = "webhook secret"

OpenSSL::HMAC.hexdigest('SHA256', secret, timestamp + request.body) == signature




Updated 03 Mar 2023
Did this page help you?
PREVIOUS
API Reference
NEXT
Event Payloads
Docs powered by
Archbee
TABLE OF CONTENTS
Payload
Supported Events
Verifying Webhooks
Docs powered by
Archbee