Webhooks
Git webhook endpoints for automatic deployments on push. These endpoints are called by GitHub, GitLab, or Bitbucket when code is pushed to a repository.
Endpoints
| Method | Path | Auth | Description |
|---|---|---|---|
POST | /api/v1/webhooks/github | Signature | GitHub push events |
POST | /api/v1/webhooks/gitlab | Token | GitLab push events |
POST | /api/v1/webhooks/bitbucket | Signature | Bitbucket push events |
These endpoints do not use standard API authentication. Instead, they verify requests using provider-specific mechanisms:
| Provider | Verification |
|---|---|
| GitHub | X-Hub-Signature-256 header (HMAC-SHA256) |
| GitLab | X-Gitlab-Token header (shared secret) |
| Bitbucket | X-Hub-Signature header (HMAC-SHA256) |
Webhook URLs are automatically generated when you create an application with autodeploy: true and a git source. The webhook secret is stored securely and used to verify incoming requests.
Last updated on