Documentation

Webhooks — sealing lifecycle events

Delivery guarantees, Svix-compatible signing (mock), and payloads for completion and failure envelopes.

Edit on GitHub

Registering endpoints

Navigate to Portal → Webhooks (still mocked UX) and add an HTTPS POST URL reachable from seal.club egress ranges. Allowed ports: 443 only. Mutual TLS bundles available for enterprise workspaces.

Mintlify placeholders below describe payloads we intend to certify before GA.

Event catalog

TypePurpose
job.createdFire-and-forget acknowledgment that metadata persisted successfully. Rarely actionable.
job.completedReceipt ready; payload embeds fingerprints + storage pointers. Primary integration hook.
job.failedTerminal error with machine-readable reason_code. Consumers should alert paging systems.

Signing headers (planned)

Outbound deliveries mimic Svix—verify Seal-Signature, Seal-Timestamp, and rotate signing secrets per endpoint.

Pseudo-code until publish:

verifySignature({
	version: headers['Seal-Signature-Version'],
	payload: rawBodyBytes,
	header: headers['Seal-Signature'],
});

Sample job.completed

{
	"type": "job.completed",
	"schema": "2026-05-08",
	"id": "del_884b",
	"created_at": "2026-05-08T18:43:51Z",
	"data": {
		"id": "job_014b7c",
		"environment_id": "env_sandbox_01",
		"receipt_sha512": "2c26b46b68ffc68ffe13d7d5d5c5c5c…",
		"receipt_url": "https://cdn.seal.club/receipts/job_014b7c.json"
	}
}

Retries & idempotency

We retry exponential backoff capped at sixteen hours (2^n seconds with jitter). Successful responses return HTTP 200–299. Use idempotent handlers—you may receive duplicate deliveries crossing regional failovers.