Omnist API
Guides

Webhooks

Receive monitor events and inspect delivery behavior.

Use webhooks when your application should receive monitor events without polling. Configure one HTTPS target, keep the signing secret private, and inspect delivery records when debugging.

Configure a target

{
  "url": "https://example.com/omnist/webhooks",
  "enabled": true
}

Targets must use HTTPS and cannot point to localhost, private IP ranges, reserved IP ranges, or URLs with embedded credentials.

Verify signatures

Webhook requests include a signature header:

X-Omnist-Signature: t=1760000000,v1=<hex-hmac>
X-Omnist-Event-Id: evt_...
X-Omnist-Delivery-Id: del_...

Compute the HMAC over the timestamp and raw request body using the active signing secret. Reject stale timestamps and mismatched signatures before processing the event.

Delivery behavior

Omnist retries failed deliveries up to five attempts. The current retry delays are approximately:

AttemptDelay after prior failure
25 minutes
360 minutes
43 hours
524 hours

Use GET /v1/webhooks/events, GET /v1/webhooks/stats, and GET /v1/webhooks/test to inspect recent behavior.

Monitors

Save searches on a schedule and read the results through the same content model.

Rate limits and errors

Handle limits, retries, and consistent error responses.

On this page

Configure a targetVerify signaturesDelivery behavior