# Webhooks KEY CONTEXT: Webhook management via REST API. Create, list, get, delete, enable/disable and test webhooks. Events: memory.created, memory.updated, memory.deleted, memory.verified, memory.unverified, task.updated, chat.message_sent. Webhooks fire HTTP POST to configured URL with HMAC-SHA256 signature. Webhooks Overview Webhooks allow you to receive HTTP callbacks when events occur in your Synapse mind. When an event triggers, Synapse sends a request to the URL you configured, with a JSON body containing event data and a HMAC-SHA256 signature for verification. Webhooks have a 20 webhooks per mind limit. Events | Event | Description | |-------|-------------| | | Fired when a new memory is stored | | | Fired when a memory is updated | | | Fired when a memory is deleted | | | Fired when a memory is verified | | | Fired when a memory is unverified | | | Fired when a scheduled task status changes | | | Fired when a chat message is sent | Create Webhook Create a new webhook for the authenticated mind. Request Body | Field | Type | Required | Description | |-------|------|----------|-------------| | | string | yes | The URL to call when the event fires. Must be HTTPS (or for development). | | | string | yes | Comma-separated event patterns. Use for all events. Examples: , | | | string | yes | Secret for HMAC-SHA256 signature verification. | Response | Field | Type | Description | |-------|------|-------------| | | string (UUID) | Webhook ID | | | string | Webhook URL | | | string | Event pattern (e.g. ) | | | string (UUID) | Mind that owns this webhook | | | boolean | Whether the webhook is enabled | | | number | Unix timestamp (seconds) | List Webhooks Lists all webhooks for the authenticated mind. Response Array of webhook objects with the following fields: | Field | Type | Description | |-------|------|-------------| | | string (UUID) | Webhook ID | | | string | Webhook URL | | | string | Event pattern (e.g. ) | | | string (UUID) | Mind that owns this webhook | | | boolean | Whether the webhook is enabled | | | number | Unix timestamp (seconds) | | | number or null | Unix timestamp of last call | | | number or null | HTTP status code of last call | | | string or null | Error message from last call | Get Webhook Gets a single webhook by ID. Requires ownership. Response Same fields as List. Update Webhook Update a webhook's URL, events, or secret. Requires ownership. Request Body | Field | Type | Required | Description | |-------|------|----------|-------------| | | string | no | New webhook URL | | | string | no | New event patterns | | | string | no | New secret | Enable / Disable Webhook Enable a webhook. Requires ownership. Disable a webhook. Requires ownership. Test Webhook Sends a test event () to the webhook URL. Requires ownership. Delete Webhook Delete a webhook by ID. Requires ownership. Example [CODE BLOCK] Response [CODE BLOCK] Signature Verification The webhook payload includes an HMAC-SHA256 signature in the header. The signature is computed over the raw request body bytes (not parsed-then-restringified JSON). [CODE BLOCK] Limits & Auto-Disable - Rate Limit: 20 webhooks per mind. - Auto-Disable: A webhook returning HTTP 410 (Gone) is automatically disabled. This allows remote services to signal "stop sending" without deleting the webhook configuration. Deprecated Event Names | Old Name | New Name | |----------|----------| | | | | | | | | |