Engineering glossary
Webhook
A webhook is an HTTP message sent by one system to a configured endpoint when a defined event occurs.
In plain language
Instead of repeatedly asking whether something changed, a receiving system gives the provider an address to notify. Webhooks reduce unnecessary polling, but they are a delivery mechanism—not a guarantee that an event will be processed exactly once.
Why it matters to a business
- Supports timely automation after payments, status changes, or record updates
- Reduces repeated polling where a provider offers event notifications
- Creates a clear event boundary between independently operated systems
How it works
- 1The consumer registers an HTTPS endpoint.
- 2The provider sends an event payload when a subscribed event occurs.
- 3The consumer verifies authenticity, records receipt, and responds quickly.
- 4Durable processing, retries, deduplication, and reconciliation handle failures.
Common use cases
- Updating an order after payment confirmation
- Starting fulfillment when an approval is completed
- Synchronizing a CRM after a customer update
- Recording delivery or messaging status
Important implementation decisions
- Signature verification and secret rotation
- Durable receipt before complex processing
- Idempotency key and duplicate-event handling
- Retry, replay, alerting, and reconciliation policy
Common mistakes and misconceptions
- Doing long-running work before acknowledging delivery
- Assuming events arrive once or in order
- Trusting payloads without provider-specific signature verification
Limitations and trade-offs
Webhooks can improve freshness but add an internet-facing endpoint and recovery responsibilities.
Polling may remain useful for reconciliation or when providers do not expose complete events.
Need to apply this concept to a real system?
A focused technical discussion can identify the decisions and constraints that matter before implementation.