- Receive POST requests on a public HTTPS endpoint.
- Verify the
x-hook-signatureheader (HMAC‑SHA256). - Respond with
200 OKwithin 5 s. We retry 9× on non‑2xx responses with exponential back‑off (+30 s each). - Use
requestIdfor idempotency.
All
Pages
x-hook-signature header (HMAC‑SHA256).200 OK within 5 s. We retry 9× on non‑2xx responses with exponential back‑off (+30 s each).requestId for idempotency.