Skip to main content
Version: v1.40.0

Webhook Notifier

The Webhook notifier will perform an HTTP POST request to the specified endpoint everytime a change in the flags is detected.

The format of the call is specified in the format section and you can sign the body to trust the data you are receiving.

Configure the webhook notifier

ffclient.Config{
// ...
Notifiers: []notifier.Notifier{
&webhooknotifier.Notifier{
EndpointURL: " https://example.com/hook",
Secret: "Secret",
Meta: map[string]string{
"app.name": "my app",
},
Headers: map[string][]string{
"Authorization": {"Bearer auth_token"},
},
},
// ...
},
}

Configuration fields

FieldDescription
EndpointURLThe complete URL of your API (we will send a POST request to this URL, see format)
Secret(optional)
A secret key you can share with your webhook. We will use this key to sign the request (see signature section for more details).
Meta(optional)
A list of key value that will be added in your request, this is super useful if you want to add information on the current running instance of your app.

By default the hostname is always added in the meta information.
Headers(optional)
The list of Headers to send to the endpoint.

Format

If you have configured a webhook, a POST request will be sent to the EndpointURL with a body in this format:

{
"meta": {
"hostname": "server01"
// ...
},
"flags": {
"deleted": {},
// map of your deleted flags
"added": {},
// map of your added flags
"updated": {
"flag-name": {
// an object that contains old and new value
"old_value": {},
"new_value": {}
}
}
}
}

Example

{
"meta": {
"hostname": "server01"
},
"flags": {
"deleted": {
"test-flag": {
"rule": "key eq \"random-key\"",
"percentage": 100,
"true": true,
"false": false,
"default": false
}
},
"added": {
"test-flag3": {
"percentage": 5,
"true": "test",
"false": "false",
"default": "default"
}
},
"updated": {
"test-flag2": {
"old_value": {
"rule": "key eq \"not-a-key\"",
"percentage": 100,
"true": true,
"false": false,
"default": false
},
"new_value": {
"disable": true,
"rule": "key eq \"not-a-key\"",
"percentage": 100,
"true": true,
"false": false,
"default": false
}
}
}
}
}

Signature

This header X-Hub-Signature-256 is sent if the webhook is configured with a secret. This is the HMAC hex digest of the request body, and is generated using the SHA-256 hash function and the secret as the HMAC key.

caution

The recommendation is to always use the Secret and on your API/webook always verify the signature key to be sure that you don't get into a man-in-the-middle attack.

Get the latest GO Feature Flag updates