Skip to main content
For organization webhook events, check the docs, here.

Configuration

To enable webhooks, configure the WEBHOOK_URL and WEBHOOK_SECRET environment variables. Once enabled, the URL specified will start receiving the following events:

Platform Events

USER_REGISTER_SUCCESS

Triggered whenever a user registration is successful.
  • user_id: The unique identifier of the registered user.
  • user_email: The email address of the registered user.
Sample Payload:

APOLLO_MIGRATE_INIT

Triggered when graph migration is initiated. actor_id (optional): The identifier of the actor initializing the migration Sample Payload:

APOLLO_MIGRATE_SUCCESS

Triggered when graph migration succeeds.
  • federated_graph: An object representing the federated graph details.
    • id: The unique identifier of the federated graph.
    • name: The name of the federated graph.
  • actor_id (optional): The identifier of the actor initializing the migration.
Sample Payload:

Verification

To ensure the webhook data is coming from a trusted source and hasn’t been tampered with during transit, we employ HMAC signatures. When setting up a webhook, you provide a secret. This secret is used to compute a signature that is sent along with each webhook request. The header containing this signature is X-Cosmo-Signature-256.

Verification Example

To verify the webhook request, you need to compute the HMAC signature on your server and compare it to the signature in the X-Cosmo-Signature-256 header. Here’s an example in Node.js: