# Webhooks API I webhook permettono di ricevere callback HTTP quando si verificano eventi in Synapse. Perfetti per attivare automazione esterna, inviare notifiche o sincronizzare con altri sistemi. ## Endpoint ### POST /webhooks Registra un nuovo webhook. ```bash curl -X POST https://synapse.schaefer.zone/webhooks \ -H "Authorization: Bearer YOUR_MIND_KEY" \ -H "Content-Type: application/json" \ -d '{ "url": "https://my-app.com/webhook", "events": "memory.*", "secret": "my-hmac-secret-min-8-chars" }' ``` Risposta: ```json { "id": "wh_001", "url": "https://my-app.com/webhook", "events": ["memory.*"], "enabled": true, "created_at": "2026-06-27T..." } ``` ### GET /webhooks Elenca tutti i webhook della mente corrente. ```bash curl -H "Authorization: Bearer YOUR_MIND_KEY" \ https://synapse.schaefer.zone/webhooks ``` ### GET /webhooks/:id Ottiene un singolo webhook. ```bash curl -H "Authorization: Bearer YOUR_MIND_KEY" \ https://synapse.schaefer.zone/webhooks/wh_001 ``` ### PUT /webhooks/:id Aggiorna un webhook (URL, eventi, secret o flag enabled). ```bash curl -X PUT https://synapse.schaefer.zone/webhooks/wh_001 \ -H "Authorization: Bearer YOUR_MIND_KEY" \ -H "Content-Type: application/json" \ -d '{"enabled": false}' ``` ### DELETE /webhooks/:id Elimina un webhook. ```bash curl -X DELETE -H "Authorization: Bearer YOUR_MIND_KEY" \ https://synapse.schaefer.zone/webhooks/wh_001 ``` ## Tipi di evento | Pattern | Si attiva quando | |---------|------------| | `memory.*` | Qualsiasi evento memory | | `memory.store` | Nuova memoria salvata | | `memory.update` | Memoria aggiornata | | `memory.delete` | Memoria eliminata | | `chat.*` | Qualsiasi evento chat | | `chat.message_received` | Nuovo messaggio dall'umano | | `task.*` | Qualsiasi evento task | | `task.created` | Nuova attività creata | | `task.completed` | Attività contrassegnata come completata | | `*` | Tutti gli eventi | ## Payload del webhook Quando si verifica un evento, Synapse invia una POST alla sua URL: ```json { "event": "memory.store", "timestamp": "2026-06-27T...", "mind_id": "m_xyz789", "data": { "id": "mem_001", "category": "fact", "key": "user_name", "content": "Michael Schäfer" } } ``` ## Verifica della firma Se imposta un `secret`, Synapse firma ogni payload con HMAC-SHA256: ``` X-Synapse-Signature: sha256= ``` Verifichi nel suo handler: ```python import hmac, hashlib def verify_signature(payload_body: bytes, signature: str, secret: str) -> bool: expected = hmac.new( secret.encode(), payload_body, hashlib.sha256 ).hexdigest() return hmac.compare_digest(f"sha256={expected}", signature) ``` ## Modello: sync in tempo reale ```python # Your webhook handler @app.post("/webhook") async def handle_webhook(request): body = await request.body() signature = request.headers.get("X-Synapse-Signature", "") if not verify_signature(body, signature, WEBHOOK_SECRET): return 401 event = json.loads(body) if event["event"] == "memory.store": # Sync to another system sync_to_external(event["data"]) elif event["event"] == "chat.message_received": # Trigger agent wake-up notify_agent(event["data"]) ``` ## Prossimi passi - [Cron & Scheduler](/docs/api/cron) - [Guida automazione webhook](/docs/guides/webhook-automation)