About webhooks

Webhooks allow you to send a POST request to a certain URL every time the alert is triggered. This feature can be enabled when you create or edit an alert. Add the correct URL for your app and we will send a POST request as soon as the alert is triggered, with the alert message in the body of the request. If the alert message is valid JSON, we will send a request with an "application/json" content-type header. Otherwise, we will send "text/plain" as a content-type header.  

Important Security Notice: When configuring webhooks, ensure that you do not include sensitive information such as login credentials or passwords in the webhook body. Transmitting sensitive data through webhooks can expose it to unauthorized parties and lead to security vulnerabilities. Always use secure, authenticated endpoints and encrypt sensitive data to protect your information.

Here is a list of IP addresses that we will use to send POST requests, in case they need to be permissioned:

  • 52.89.214.238
  • 34.212.75.30
  • 54.218.53.128
  • 52.32.178.7

If you want to send a request to a URL with a port number, please note that we only accept URLs with port numbers 80 and 443. Requests for URLs with any other port number will be rejected. If a remote server processes a request for more than 3 seconds, the request then gets cancelled. Also note that IPv6 isn't working with webhooks at the moment, but we might implement this in the future.

Keep in mind that many apps and services expect to receive data from webhooks in the JSON format and not in plain text, which we have in the alert message by default. Before sending a request, please read the documentation of the corresponding app or service and format your alert message accordingly. You can find out more about the JSON format in the wiki.

For example, Slack is awaiting a message formatted in JSON with a “text” as a key. You can type in a message box:

{"text": "BTCUSD Greater Than 9000"}

Since the message is a valid JSON, we will send a request with an "application/json" content-type header. Here’s how the request will look like using cURL:

curl -H 'Content-Type: application/json; charset=utf-8' -d '{"text": "BTCUSD Greater Than 9000"}' -X POST https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX

If your message is in plain text (i.e. you are using a default alert message), we will send a request with a "plain/text" content-type header.

cURL:

curl -H 'Content-Type: text/plain; charset=utf-8' -d 'BTCUSD Greater Than 9000' -X POST https://webhook.site/test

For your data protection, using alert webhooks is only allowed with 2-factor authentication enabled.