> ## Documentation Index
> Fetch the complete documentation index at: https://docs.hotglue.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Webhooks

> Integrate hotglue with your own workflow by configuring a webhook

# Configure a webhook

To configure a webhook for your environment, go to **Settings** > **Jobs** > **Monitoring & Alerts**. For each webhook that is available to configure, there are two fields:

| Name           | Description                                                                                                                                                                                              |
| -------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Webhook URL    | This is the webhook endpoint you want hotglue to send POST requests to                                                                                                                                   |
| Webhook Secret | Optional - if provided, hotglue will generate a signature of every payload using this secret and include it as the `X-Hub-Signature` in the request headers. Used to verify the payload is from hotglue. |

# Available Webhook Subscriptions

You can subscribe to any of three primary types of events using hotglue webhooks:

1. **Job Lifecycle**
2. **Discover**
3. **Connection**

Each webhook event is a JSON POST to your configured endpoint, optionally signed using the webhook secret that you define.

## 1. Job Lifecycle Webhook

This is the primary subscription that most hotglue workflows rely on. The job lifecycle webhook sends a POST request to your hook every time a job moves forward in the job lifecycle. You can read about the [job lifecycle here](https://docs.hotglue.com/docs/jobs-lifecycle).

### Example payload

```json JSON theme={null}
{
  "job_id": "tVN_B",
  "env_id": "dev.hotglue.com",
  "flow_id": "JClkCC05S",
  "job_name": "test_job:KWjsnRTyp",
  "tenant": "1414_1",
  "started_by": "1414_1",
  "s3_root": "1414_1/flows/JClkCC05S/jobs/2024/10/1/06/05/tVN_B",
  "start_time": "2024-10-06T20:14:59.957270+00:00",
  "state": {},
  "tap": "salesforce",
  "target": "bigquery",
  "connector_id": null,
  "job_type": null,
  "status": "JOB_COMPLETED",
  "scheduled_job": true,
  "sync_type": "full_sync",
  "override_start_date": null,
  "override_end_date": null,
  "override_field_map": null,
  "override_source_config": null,
  "override_target_config": null,
  "override_lifecycle_webhook": null,
  "task_id": "3430414a60df4efdb9aa7d7abaf877fc",
  "task_type": "STANDARD",
  "task_definition": {
    "id": "hotglue-executor-v2:4",
    "memory": 32768,
    "cpu": 8192
  },
  "discover_install_uri": "git+https://github.com/hotgluexyz/tap-salesforce.git@v1.0.12",
  "metrics": {
    "recordCount": {
      "Opportunity": 21029,
      "Lead": 285990,
      "User": 360,
      "Account": 742570
    }
  },
  "data_sizes": {
    "sync_output": 2812.21,
    "etl_output": 7957.72,
    "snapshots": 0,
    "total": 10769.93
  },
  "last_updated": "2024-10-07T07:50:28.076586+00:00",
  "error": null,
  "status_timestamp": {
    "SYNC_STARTED": 1728245795146,
    "ETL_STARTED": 1728245807884,
    "EXPORT_STARTED": 1728249071639
  },
  "resources_usage": {
    "memoryUsage": 22014.92
  },
  "target_install_uri": "s3://hotglue-prod.admin/env_zips/target-bigquery/target_bigquery-v0_11_11.py3_7.zip"
}
```

## 2. Discover Webhook

This is a useful subscription if you have workflows that rely on a successful discover completing, such as custom field mapping or in-widget table selection.

Like the job lifecycle webhook, the discover webhook sends a POST request to your hook every time a discover task moves forward in the discover lifecycle. The discover lifecycle has three possible events:

* `DISCOVER_STARTED`
* `DISCOVER_SUCCESS`
* `DISCOVER_FAILED`

### Example Payload

```json JSON theme={null}
{
  "connector": "salesforce",
  "env_id": "dev.hotglue.com",
  "flow_id": "JClkCC05S",
  "status": "DISCOVER_SUCCESS",
  "tenant": "1414_1",
  "timestamp": "2024-10-07T07:50:28.076586+00:00"
}
```

## 3. Connection Webhook

This is a useful subscription if you would like to take action when users link or unlink an integration in hotglue, or would otherwise like to create an internal database table to monitor connections.

The connection webhook sends a POST request to your hook whenever a `linkedSource`, `linkedTarget`, or `linkedConnector` is created, overwritten, or removed.

### Example Payload

```json JSON theme={null}
{
  "tenant": "1414_1",
  "flow_id": "JClkCC05S",
  "env_id": "dev.hotglue.com",
  "connector": "tap",
  "connector_type": "connector",
  "event": "LINK",
  "timestamp": "2024-10-07T07:50:28.076586+00:00",
  "event_id": "a8edda26-62f5-4b33-9434-c31f21d34c6c",
  "first_link": true
}
```

# Validating the signature

If you've chosen to set a webhook secret, we will send an `X-Hub-Signature` in the request headers to your webhook URL. The purpose of this is to verify that the payload came from hotglue.

See below for sample logic for how to validate the signature using JavaScript.

```javascript webhook-verification.js theme={null}
// Get the X-Hub-Signature header
const signature = req.normalizedHeaders['x-hub-signature'];
// Get the payload of the webhook as a string
const payload = typeof req.rawBody == "object" ? JSON.stringify(req.rawBody) : req.rawBody;
// Get your webhook secret
const secret = hotGlue.webhookSecret;

// Compute the signature using the above parameters
const computedSignature = crypto.createHmac('sha1', secret).update(payload).digest("hex");

const checksum = Buffer.from(signature, 'utf8');
const newChecksum = Buffer.from(computedSignature, 'utf8');

// Verify that the signature matches the X-Hub-Signature that was passed to you
if (checksum.length !== computedSignature.length || !crypto.timingSafeEqual(newChecksum, checksum)) {
  // This signature is invalid, and was not sent by hotglue
  console.error("Unable to verify Signature " + payload);
  return false;
}

// The signature was valid, it is safe to act on this webhook payload
console.log("Verified Payload Signature !");
return true;
```
