Skip to main content
Webhooks allow CloudThinker to push events to your external systems in real-time, enabling automation, integration, and custom workflows.

How Webhooks Work

1

Configure

Create a webhook endpoint with your target URL and select events to subscribe to
2

Trigger

When subscribed events occur, CloudThinker prepares a webhook payload
3

Deliver

CloudThinker sends an HTTP POST request to your endpoint with the event data
4

Process

Your system receives and processes the webhook, returning a success response

Creating Webhooks

From the Console

  1. Navigate to Settings > Webhooks
  2. Click Create Webhook
  3. Configure the webhook:
    • Name: Descriptive identifier
    • URL: Your endpoint URL (must be HTTPS)
    • Events: Select events to subscribe to
    • Secret: Optional signing secret for verification
  4. Save and test

Webhook Configuration

FieldDescriptionRequired
NameFriendly name for identificationYes
URLHTTPS endpoint to receive eventsYes
EventsEvent types to subscribe toYes
SecretShared secret for payload signingRecommended
HeadersCustom headers to includeNo
ActiveEnable/disable the webhookYes

Event Types

Subscribe to events across CloudThinker:

Recommendation Events

EventTrigger
recommendation.createdNew recommendation generated
recommendation.updatedRecommendation status changed
recommendation.implementedRecommendation marked complete
recommendation.commentComment added to recommendation

Incident Events

EventTrigger
incident.createdNew incident created
incident.updatedIncident details changed
incident.resolvedIncident marked resolved
incident.commentComment added to incident

Security Events

EventTrigger
finding.createdNew security finding detected
finding.resolvedSecurity finding resolved
compliance.changedCompliance status changed

Task Events

EventTrigger
task.startedScheduled task began execution
task.completedTask finished successfully
task.failedTask encountered an error

Agent Events

EventTrigger
conversation.completedAgent conversation finished
approval.requestedAgent requests approval for action
approval.grantedUser approved agent action

Resource Events

EventTrigger
resource.discoveredNew cloud resource found
resource.changedResource configuration changed
resource.deletedResource no longer exists

Webhook Payload

Each webhook includes a standardized payload: 
{
  "id": "evt_abc123",
  "type": "recommendation.created",
  "timestamp": "2024-01-15T10:30:00Z",
  "workspace_id": "ws_xyz789",
  "data": {
    "id": "rec_def456",
    "title": "Right-size EC2 instance i-0abc123",
    "potential_savings": 150.00,
    "effort": "low",
    "risk": "low",
    "status": "pending"
  }
}

Payload Fields

FieldDescription
idUnique event identifier
typeEvent type (e.g., recommendation.created)
timestampISO 8601 timestamp
workspace_idWorkspace where event occurred
dataEvent-specific payload

Security

Signature Verification

When you configure a webhook secret, CloudThinker signs each payload: 
X-CloudThinker-Signature: sha256=<signature>
Verify the signature in your endpoint: 
import hmac
import hashlib

def verify_signature(payload, signature, secret):
    expected = hmac.new(
        secret.encode(),
        payload.encode(),
        hashlib.sha256
    ).hexdigest()
    return hmac.compare_digest(f"sha256={expected}", signature)

IP Allowlisting

CloudThinker webhooks originate from known IP ranges. Contact support for the current IP list to configure firewall rules.

HTTPS Only

Webhook URLs must use HTTPS. Self-signed certificates are not supported in production.

Retry Logic

CloudThinker retries failed webhook deliveries:

Retry Schedule

AttemptDelay
1Immediate
21 minute
35 minutes
430 minutes
52 hours
68 hours

Success Criteria

A delivery is successful when your endpoint returns:
  • HTTP 2xx status code
  • Response within 30 seconds

Failure Handling

After all retries fail:
  • Event is marked as failed
  • Notification sent (if configured)
  • Event available in webhook logs

Webhook Management

Testing Webhooks

Test webhook delivery before going live:
  1. Select a webhook in settings
  2. Click Send Test Event
  3. Choose an event type
  4. Review delivery status and payload

Viewing Logs

Monitor webhook activity:
  1. Navigate to Settings > Webhooks > Logs
  2. View delivery attempts
  3. See request/response details
  4. Filter by status, event type, date

Pausing Webhooks

Temporarily disable a webhook:
  1. Select the webhook
  2. Toggle Active to off
  3. Events during pause are not queued

Webhook Templates

Use templates for common integrations:

Slack

Post events to Slack channels: 
{
  "url": "https://hooks.slack.com/services/...",
  "events": ["recommendation.created", "incident.created"],
  "transform": {
    "text": "New {{type}}: {{data.title}}"
  }
}

Jira

Create Jira tickets from CloudThinker events: 
{
  "url": "https://your-org.atlassian.net/...",
  "events": ["recommendation.created"],
  "headers": {
    "Authorization": "Basic <base64_credentials>"
  }
}

PagerDuty

Trigger PagerDuty incidents: 
{
  "url": "https://events.pagerduty.com/v2/enqueue",
  "events": ["incident.created"],
  "headers": {
    "Content-Type": "application/json"
  }
}

Best Practices

Use webhook secrets and verify signatures to ensure requests originate from CloudThinker.
Return a 2xx response immediately, then process the event asynchronously. Long processing delays cause timeouts.
Webhook deliveries may occasionally duplicate. Use the event id to deduplicate on your end.
Set up alerts for webhook failures. Investigate and fix issues promptly to avoid missing events.
Only subscribe to events you need. Reduces noise and processing overhead.

Integration Examples

GitHub Actions

Trigger workflows from CloudThinker events: 
# .github/workflows/cloudthinker.yml
on:
  repository_dispatch:
    types: [recommendation-created]

jobs:
  process:
    runs-on: ubuntu-latest
    steps:
      - name: Process recommendation
        run: |
          echo "New recommendation: ${{ github.event.client_payload.title }}"

AWS Lambda

Process webhooks with serverless functions: 
def lambda_handler(event, context):
    body = json.loads(event['body'])

    if body['type'] == 'recommendation.created':
        # Process new recommendation
        process_recommendation(body['data'])

    return {'statusCode': 200}

Incident Webhooks

Learn about incident-specific webhook integrations