Webhooks
Receive real-time notifications about events in your compliance system through webhooks.
Overview
Our webhook system allows you to receive real-time notifications when specific events occur in your compliance system. This enables you to build automated workflows and keep your systems in sync.
Available Events
Policy Events
- policy.created
- policy.updated
- policy.deleted
- policy.approved
Risk Events
- risk.identified
- risk.assessed
- risk.mitigated
- risk.escalated
Vendor Events
- vendor.added
- vendor.updated
- vendor.assessed
- vendor.removed
Webhook Format
{
"id": "evt_123456",
"type": "policy.created",
"created": "2025-08-12T15:00:00Z",
"data": {
"policyId": "pol_789",
"name": "Data Protection Policy",
"version": "1.0",
"status": "draft"
}
}Implementing Webhooks
1. Register Webhook URL
POST /webhooks
{
"url": "https://your-domain.com/webhook",
"events": ["policy.*", "risk.identified"],
"description": "Policy and risk notifications"
}2. Verify Signatures
Each webhook request includes a signature header for verification:
X-Webhook-Signature: t=1628789625,
v1=5257a869e7ecebeda32affa62cdca3fa51cad7e77a0e56ff536d0ce8e108d8bdBest Practices
- Implement retry logic for failed webhook deliveries
- Always verify webhook signatures
- Process webhooks asynchronously
- Monitor webhook delivery status
- Implement proper error handling