Sleuth Documentation
HomeBlogSupportSign up
Search…
Getting started
DORA metrics
Deployment tracking
Auto-verify deploys
Deploy workflows (beta)
Cookbook
Webhooks
Trigger builds
Slack mission control
Sleuth API
Integrations
About Integrations...
Code integrations
Feature flag integrations
Impact integrations
Slack integration
CI/CD integrations
Issue tracker integrations
Incident tracker integrations
Settings
Organization settings
Project settings
Account settings
Role Based Access Control
Resources
FAQ
Sleuth TV
Purchasing
About Sleuth...
Powered By GitBook
Webhooks
The webhook action will send an HTTP POST to the URL of your choosing. The body contains information about the deployment, and a signature to verify the webhook is valid and originated at Sleuth.

Body

The body of the webhook will look something like this:
1
{
2
"organization": {
3
"slug": "myorg"
4
},
5
"name": "791f0e0",
6
"on": "2021-02-03T00:35:09.823706+00:00",
7
"branch": "master",
8
"revision": "791f0e0ce8612717da226d73caac7790e0de4032",
9
"environment": {
10
"slug": "production"
11
},
12
"changeSource": {
13
"slug": "sleuth-test"
14
},
15
"health": "healthy",
16
"author": {
17
"email": "[email protected]"
18
}
19
}
Copied!

Signature

The webhook will contain two headers you can use to safely validate the message:
  • X-SLEUTH-TIMESTAMP - The unix timestamp, in seconds, of when the webhook was created
  • X-SLEUTH-SIGNATURE - The signature of the timestamp and request body, signed with the API key
The signature follows the format Slack uses to validate their webhooks. For more information how it works and how to validate the signature, see the Slack docs
The only difference is Sleuth uses the API key from your Sleuth organization as the signing key.
Previous
Cookbook
Next
Trigger builds
Last modified 6mo ago
Copy link
Contents
Body
Signature