Skip to main content

Webhook Executions

Webhooks are endpoints that you can provide to other external ecosystems.

This is very handy because it allows you to trigger process executions from external systems.


Webhooks, combined with listeners, transform YepCode into the ultimate swiss army knife for an event-driven architecture.


From the process page, you may find the Webhook configuration section on the right sidebar.

Once you press the Add + button, you can create a webhook passing optional authentication params. If you don't provide a user and password, no authentication would be needed to start the process, so take care about it!

After creating the webhook, you can see:

  • The generated URL link, points to the process using its Slug, which you can configure.
  • The cURL command.

Now in the process Webhook configuration section you'll see the created webhook. From the options menu you can:

  • Update the previously created auth in Edit auth
  • See the URL link and cURL command in Show endpoint (also by clicking on the webhook itself).

Congrats! Your webhook is ready for external requests.

Invoking Webhooks Externally

Make an HTTP GET or POST to test your configured webhook, use a tool like Postman, Insomnia or curl in your terminal.

Payloads passed from the request body are included in YepCode parameters.

For example, this implementation would perform echoes from provided parameters:

const {
context: { request },
} = yepcode;

if (
request.headers["yepcode-signature"] !==
) {
return {
status: 400,
body: {
error: {
"Invalid signature. Double check the 'YepCode-Signature' header",

Invoke it using curl from the terminal with some parameters:

curl -X GET -H "Content-Type: application/json" \
# {"name":"John Doe"}

The same example using POST, parameters in POST are passed as request body:

curl -X POST -H "Content-Type: application/json" -d '{"name": "John Doe"}' \
# {"name":"John Doe"}

Request Headers

  • Yep-Version-Tag: Specify your process version tag to run a concrete version of your process. (optional)
  • Yep-Async: Choose to run the webhook synchronously or asynchronously. Sync executions will wait the process to finish before returning the response, while async executions will respond instantly with 201 HTTP code and a JSON informing about execution id. (optional) default:false
  • Yep-Initiated-By: Provide an additional level of abstraction to identify who is initiating requests to the YepCode endpoints. Its value will be recorded and can be consulted in the audit events. This allows clients to track and review the specific initiators of API requests for auditing and compliance purposes. It is optional and can be used in addition to the standard user authentication. (optional)

For synchronous requests, if execution last more than 60 seconds, invokations will result in a Request Timeout (HTTP Code 408), but execution will continue in YepCode.

Result body will be something like:

{"status":408,"message":"Timed out before execution with id 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' ended"}

All request headers sent to a webhook are available in yepcode.context.request.headers. You could access them and use their values as you please.

For example we could send a header signature to improve our process security:

curl --location --request POST '' \
--header 'Content-Type: application/json' \
--header 'YepCode-Signature: yp_test_y4Fb38t5RngUZiZSzFC4c4lZHFKHcC'

And validate that signature matches in the process:

// my echo process
const {
context: { parameters },
} = yepcode;

return parameters;

Query Parameters

  • async: Same as Yep-Async header. It takes precedence over the header. (optional) default:false

Response Headers

  • Yep-Execution-ID: All requests to webhooks returns this header indicating the execution id.
  • Location header: Async executions return this header indicating the location of the execution.

Tips & Examples


The response for async executions (when you set Yep-Async: true or async query param is true) will contain a Location header with the URL of the execution

Here you have some sample requests with a sandbox process:

Execute current version and async mode (Yep-Async header)
curl --location --request POST '' \
--header 'Yep-Async: true'
Execute current version and async mode
curl --location --request POST '' \
Execute concrete version and sync mode
curl --location --request POST '' \
--header 'Yep-Version-Tag: v1.0.0' \
--header 'Yep-Async: false'
Execute current version and sync mode (Yep-Async header)
curl --location --request POST '' \
--header 'Yep-Async: false'
Execute current version and sync mode
curl --location --request POST '' \