Webhooks

Webhooks send HTTP POST requests to your chosen URL when deploy events occur. Use them to notify Slack, Discord, or any custom service when your docs go live or a deployment fails.

Supported events

Event	Fired when
`deploy.success`	A deployment completes successfully
`deploy.failed`	A deployment fails

By default, new webhooks subscribe to both events. You can specify a subset when creating the webhook.

Creating a webhook

From your project dashboard, go to Settings > Webhooks and click Add Webhook. Enter an HTTPS URL.

You can also create webhooks via the API:

Terminal

curl -X POST https://app.skrypt.sh/api/projects/{slug}/webhooks \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://example.com/webhook",
    "events": ["deploy.success", "deploy.failed"]
  }'

The URL must use HTTPS. HTTP URLs are rejected.

Slack and Discord integration

Skrypt auto-detects Slack and Discord webhook URLs from the domain:

URL pattern	Detected as
`hooks.slack.com/*`	Slack
`discord.com/api/webhooks/*`	Discord
Everything else	Generic HTTP

When a Slack URL is detected, Skrypt formats the payload as a Slack message with colored attachments (green for success, red for failure). When a Discord URL is detected, it sends a Discord embed with the same color coding.

You do not need to configure the channel type manually. Pass the URL and Skrypt handles formatting.

Payload format

Generic HTTP

For non-Slack, non-Discord endpoints, the payload is a JSON object:

{
  "event": "deploy.success",
  "message": "Deployment completed",
  "title": "my-project",
  "url": "https://my-project.skrypthq.dev"
}

JSON

Slack

{
  "text": "deploy.success: Deployment completed",
  "attachments": [
    {
      "color": "#36a64f",
      "fields": [
        { "title": "message", "value": "Deployment completed", "short": true },
        { "title": "url", "value": "https://my-project.skrypthq.dev", "short": true }
      ]
    }
  ]
}

JSON

Discord

{
  "content": "**deploy.success**",
  "embeds": [
    {
      "title": "my-project",
      "description": "Deployment completed",
      "color": 3581519
    }
  ]
}

JSON

Listing and deleting webhooks

List all webhooks for a project:

Terminal

curl https://app.skrypt.sh/api/projects/{slug}/webhooks

Delete a webhook by ID:

Terminal

curl -X DELETE "https://app.skrypt.sh/api/projects/{slug}/webhooks?id={webhook-id}"

Security

Skrypt validates webhook URLs at creation time and again before sending each notification:

HTTPS required -- plain HTTP URLs are rejected
SSRF protection -- URLs resolving to private IPs (10.*, 172.16-31.*, 192.168.*, 127.*, ::1) are blocked
DNS rebinding prevention -- the resolved IP is re-checked at send time, not just creation time
Loopback blocked -- localhost, 0.0.0.0, and IPv6 loopback addresses are rejected

If a webhook URL fails validation at send time, the notification is silently skipped and a warning is logged.

Rate limits

Webhook creation and deletion are rate-limited per user. Normal usage is well within the limits.

What's next

Changelog, announce documentation updates to your readers
CLI Integration, deploy from the command line and trigger webhooks
Branching, preview changes before deploying