Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.hyperrail.io/llms.txt

Use this file to discover all available pages before exploring further.

Getting Started

This guide will walk you through setting up and securely handling webhooks. Our implementation follows the Standard Webhooks specification. Your webhook setup is simple: just define the URL where you want to receive event data. Here’s the Webhook Payloads page. Follow these steps to set up your webhook:
  1. Access Webhook Settings: Navigate to the HyperRails Dashboard and go to Settings > Credentials > API Keys.
  2. Define your URL: Enter the URL where you want to receive webhook events under the Webhook URL field.
  3. Save Changes: Ensure you enter your one time code from your Authenticator app and save the settings to activate the webhook URL.
Idempotency (The “No Duplicates” Rule): Each webhook event includes a unique webhook-id header. Use this identifier to implement idempotency. Your system must be designed to gracefully handle receiving the same event more than once (due to retries) without causing errors or duplicate actions.

Securing Webhooks: Trust, but Verify

To protect your system from bad actors and ensure the data is authentically from HyperRails, always validate the payload and use HTTPS. To verify signatures, we follow the Standard Webhooks specification. Each webhook request includes a webhook-signature header from us which is x-hyperrails-signature, an HMAC SHA256 signature of the payload and timestamp.
Ordering is Not Guaranteed: Webhook events may be delivered out of order due to network retries. Always use the webhook-id or other data within the payload to ensure correct event processing, regardless of arrival sequence.
You will always receive the latest payload data at the time of delivery, regardless of when the webhook event was initially emitted.