Webhooks
Webhooks are a way to receive real-time updates from SaaS Custom Domains. When an event happens in SaaS Custom Domains, we'll send a POST request to the URL you specify with additional data about the event. You can use webhooks to trigger anything from a simple email notification to a complex workflow.
Getting Started
To start using webhooks, navigate to the webhooks section in the application. Here, you can create a new webhook. You'll have to specify the endpoint URL to receive webhook notifications and select the events you wish to be notified about.
Security
We recommend that you secure your webhook endpoint to prevent unauthorized access. Every webhook sent by SaaS Custom Domains includes a security token in the token query parameter. This token will look something like 19ca846829efbcafd41af16e04f123.
It is important to verify this token before processing the webhook. You can find the token in the webhook view in the SaaS Custom Domains application. Each webhook has its own unique token.
Available Events
Our webhook service provides real-time notifications for a range of domain and upstream events. Below you'll find the events you can subscribe to, along with a brief description of each.
All datetimes are in UTC and ISO 8601 format, e.g. 2024-02-27T15:23:54Z.
Domain Events
Domain Created - A new domain has been created.
{
"event": "domain_created",
"domain": {
"created_at": "2024-02-27T15:23:54Z",
"uuid": "domain_12345",
"host": "subdomain.apple.com",
"challenge_type": "http01",
"instructions_recipient": "steve@apple.com",
"last_dns_check_at": "2024-02-27T15:31:27Z"
}
}
Domain Deleted - A domain has been deleted.
{
"event": "domain_deleted",
"domain": {
"created_at": "2024-02-27T15:23:54Z",
"uuid": "domain_12345",
"host": "subdomain.apple.com",
"challenge_type": "http01",
"instructions_recipient": "steve@apple.com",
"last_dns_check_at": "2024-02-27T15:31:27Z UTC"
}
}
Domain DNS Proxy Record Valid - This event is fired when a CNAME record successfully points your custom domain to in.saascustomdomains.com, or A records are correctly set to our static IP addresses. Relevant only for non-wildcard custom domains.
{
"event": "domain_dns_proxy_record_valid",
"domain": {
"created_at": "2024-02-27T15:23:54Z",
"uuid": "domain_12345",
"host": "subdomain.apple.com",
"challenge_type": "http01",
"instructions_recipient": "steve@apple.com",
"last_dns_check_at": "2024-02-27T15:31:27Z UTC"
}
}
Domain DNS Proxy Record Invalid - Alerts you when we can't find CNAME that points your custom domain to in.saascustomdomains.com, or A records pointing to our static IP addresses. Relevant only for non-wildcard custom domains.
{
"event": "domain_dns_proxy_record_invalid",
"domain": {
"created_at": "2024-02-27T15:23:54Z",
"uuid": "domain_12345",
"host": "subdomain.apple.com",
"challenge_type": "http01",
"instructions_recipient": "steve@apple.com",
"last_dns_check_at": "2024-02-27T15:31:27Z UTC"
}
}
Domain DNS Challenge Record Valid - Notifies you when the DNS challenge records for your domain are correctly configured. Relevant only for custom domains using the DNS-01 challenge for verification.
{
"event": "domain_dns_challenge_record_valid",
"domain": {
"created_at": "2024-02-27T15:23:54Z",
"uuid": "domain_12345",
"host": "subdomain.apple.com",
"challenge_type": "http01",
"instructions_recipient": "steve@apple.com",
"last_dns_check_at": "2024-02-27T15:31:27Z UTC"
}
}
Domain DNS Challenge Record Invalid - Triggered when we can't find domain's DNS challenge records. Relevant only for custom domains using the DNS-01 challenge for verification.
{
"event": "domain_dns_challenge_record_invalid",
"domain": {
"created_at": "2024-02-27T15:23:54Z",
"uuid": "domain_12345",
"host": "subdomain.apple.com",
"challenge_type": "http01",
"instructions_recipient": "steve@apple.com",
"last_dns_check_at": "2024-02-27T15:31:27Z UTC"
}
}
TLS/SSL Certificate Issued - Indicates that a TLS/SSL certificate has been successfully issued for your domain.
{
"event": "tls_certificate_issued",
"domain": {
"created_at": "2024-02-27T15:23:54Z",
"uuid": "domain_12345",
"host": "subdomain.apple.com",
"challenge_type": "http01",
"instructions_recipient": "steve@apple.com",
"last_dns_check_at": "2024-02-27T15:31:27Z UTC"
}
}
TLS/SSL Certificate Revoked - Occurs when a TLS/SSL certificate for your domain is revoked.
{
"event": "tls_certificate_revoked",
"domain": {
"created_at": "2024-02-27T15:23:54Z",
"uuid": "domain_12345",
"host": "subdomain.apple.com",
"challenge_type": "http01",
"instructions_recipient": "steve@apple.com",
"last_dns_check_at": "2024-02-27T15:31:27Z UTC"
}
}
Upstream Events
Upstream Created - Triggered when a new upstream is created.
{
"event": "upstream_created",
"upstream":{
"created_at": "2024-02-27T15:23:54Z",
"uuid": "upstream_12345",
"host": "app.domain.com",
"port": "443",
"tls": true,
"bubble_io": false
}
}
Upstream Deleted - Triggered when an upstream is deleted.
{
"event": "upstream_deleted",
"upstream":{
"created_at": "2024-02-27T15:23:54Z",
"uuid": "upstream_12345",
"host": "app.domain.com",
"port": "443",
"tls": true,
"bubble_io": false
}
}
Timeouts and Retries
We have a 5-second timeout for webhooks. Successful responses are those with a status code in the 2xx range. If we don't receive a successful response within 5 seconds we will consider the webhook delivery failed and queue the retry.
We will retry sending the webhook up to 10 times. We use exponential backoff to determine the time between retries. The retries will be spaced out as follows:
| Retry | Next Retry Backoff | Total Waiting Time |
|---|---|---|
| 1 | 0d 0h 0m 20s | 0d 0h 0m 20s |
| 2 | 0d 0h 0m 26s | 0d 0h 0m 46s |
| 3 | 0d 0h 0m 46s | 0d 0h 1m 32s |
| 4 | 0d 0h 1m 56s | 0d 0h 3m 28s |
| 5 | 0d 0h 4m 56s | 0d 0h 8m 24s |
| 6 | 0d 0h 11m 10s | 0d 0h 19m 34s |
| 7 | 0d 0h 22m 26s | 0d 0h 42m 0s |
| 8 | 0d 0h 40m 56s | 0d 1h 22m 56s |
| 9 | 0d 1h 9m 16s | 0d 2h 32m 12s |
| 10 | 0d 1h 50m 26s | 0d 4h 22m 38s |
If we still don't receive a successful response, we will stop retrying and log the failure.