Enterprise
Webhooks and Notifications
Enterprise customers need operational events pushed into their own systems instead of checking dashboards manually.
Enterprise customers need operational events pushed into their own systems instead of checking dashboards manually.
Delivery channels
| Channel | Best for |
|---|---|
| email notifications | human review and finance or security alerts |
| webhooks | automation and system-to-system handling |
Choose the channel
| Event type | Prefer email when | Prefer webhook when |
|---|---|---|
| Billing | A finance owner needs review or approval | Your accounting or internal ticketing system should ingest the event |
| Usage limits | A human needs to decide whether to raise limits | Your platform should automatically slow down jobs or alert on-call |
| Member changes | Admins need an audit notification | Your security tooling tracks identity lifecycle events |
| Key changes | Owners need visibility | Your internal system should rotate, disable, or investigate keys |
| Security alerts | A security owner must review | Your SIEM, pager, or incident workflow should receive the event |
Typical email notifications
- billing generated
- spend or usage warnings
- member changes
- security alerts
Webhook configuration model
The current enterprise plan describes three key fields:
- webhook URL
- subscribed event types
- signing secret
Receiver requirements
Webhook receivers should be designed like production integration points:
- Use a public HTTPS endpoint.
- Verify the signing secret before trusting the payload.
- Return quickly and move slow work to a queue.
- Make processing idempotent so duplicate deliveries do not create duplicate actions.
- Store the event ID, event type, task or resource ID, received timestamp, and processing status.
- Keep polling or dashboard review available as a fallback for delayed webhook processing.
Example event areas
billing.generatedbilling.paidbilling.overdueusage.alertusage.limit_reachedmember.invitedmember.joinedmember.removedkey.createdkey.disabledkey.deleted
Integration checklist
Before depending on webhooks in production, confirm the webhook URL, subscribed event types, signing secret, retry behavior, and the event payload fields your system stores.