Logo
AutoBlogging Pro
Back to Knowledge Base
Developer Guide

Webhooks

Real-time notifications for article events. Secure, reliable delivery with automatic retries.

Event Types

5 Events

Retry Policy

5 Attempts

Security

HMAC-SHA256

Supported Events

article.created

Fired when a new article is generated

Example Payload:

{
  "articleId": "art_123",
  "title": "10 Tips for Better SEO",
  "status": "draft",
  "projectId": "proj_456",
  "createdAt": "2024-01-15T10:30:00Z"
}
article.published

Fired when an article is published to WordPress or other platform

Example Payload:

{
  "articleId": "art_123",
  "title": "10 Tips for Better SEO",
  "status": "published",
  "publishedUrl": "https://yoursite.com/10-tips-seo",
  "projectId": "proj_456",
  "publishedAt": "2024-01-15T10:35:00Z"
}
article.failed

Fired when article generation fails

Example Payload:

{
  "articleId": "art_123",
  "error": "Content policy violation",
  "projectId": "proj_456",
  "failedAt": "2024-01-15T10:30:00Z"
}
project.created

Fired when a new project is created

Example Payload:

{
  "projectId": "proj_456",
  "title": "My Tech Blog",
  "domain": "techblog.com",
  "createdAt": "2024-01-15T10:00:00Z"
}
credits.low

Fired when credits fall below 20%

Example Payload:

{
  "currentCredits": 15,
  "totalCredits": 100,
  "percentage": 15,
  "projectId": "proj_456"
}

Security Verification

Always verify webhook signatures to prevent spoofing attacks

1

Get Your Webhook Secret

Your webhook secret is generated when you create a webhook endpoint in your dashboard.

2

Verify Signature

Each webhook request includes a `x-autoblog-signature` header containing an HMAC-SHA256 signature.

3

Validate Payload

Compute the HMAC-SHA256 of the request body using your secret and compare it to the signature header.

4

Reject Invalid

If signatures don't match, reject the request with a 401 status code.

verify-webhook.js
const crypto = require('crypto');

function verifyWebhook(payload, signature, secret) {
  const expected = crypto
    .createHmac('sha256', secret)
    .update(JSON.stringify(payload))
    .digest('hex');
  
  return crypto.timingSafeEqual(
    Buffer.from(signature),
    Buffer.from(expected)
  );
}

Retry Policy

If your webhook endpoint returns a non-2xx response or times out, we'll retry delivery up to 5 times with exponential backoff.

Attempt
Delay
Total Time
1st
1 minute
1 min
2nd
5 minutes
6 min
3rd
30 minutes
36 min
4th
2 hours
2.6 hrs
Final
24 hours
26.6 hrs

Ready to Implement?

Check out our complete API documentation for more details.

API ReferenceWordPress Integration