Skip to content

WebHook

WebHook

Section titled “WebHook”

Defines a webhook endpoint for event notifications.

This object can be configured from the WebUI under Settings › Telemetry › Webhooks

Fields

Section titled “Fields”
allowInvalidCerts
Section titled “allowInvalidCerts”

Type: Boolean · default: false

Whether Stalwart should connect to a webhook endpoint that has an invalid TLS certificate

signatureKey
Section titled “signatureKey”

Type: SecretKeyOptional · required

The HMAC key used to sign the webhook request body to prevent tampering

throttle
Section titled “throttle”

Type: Duration · default: "1s"

The minimum amount of time that must pass between each request to the webhook endpoint

timeout
Section titled “timeout”

Type: Duration · default: "30s"

Maximum amount of time that Stalwart will wait for a response from this webhook

discardAfter
Section titled “discardAfter”

Type: Duration · default: "5m"

The duration after which the webhook will be discarded if it cannot be delivered

url
Section titled “url”

Type: Uri · required

URL of the webhook endpoint

httpAuth
Section titled “httpAuth”

Type: HttpAuth · required

The type of HTTP authentication to use

httpHeaders
Section titled “httpHeaders”

Type: Map<String, String>

Additional headers to include in HTTP requests

enable
Section titled “enable”

Type: Boolean · default: true

Enable or disable the tracer

level
Section titled “level”

Type: TracingLevel · default: "info"

The logging level for this tracer

lossy
Section titled “lossy”

Type: Boolean · default: false

Whether to drop log entries if there is backlog

events
Section titled “events”

Type: EventType[]

List of events to include or exclude based on filter mode

eventsPolicy
Section titled “eventsPolicy”

Type: EventPolicy · default: "exclude"

How to interpret the events list

JMAP API

Section titled “JMAP API”

The WebHook object is available via the urn:stalwart:jmap capability.

x:WebHook/get

Section titled “x:WebHook/get”

This is a standard Foo/get method as defined in RFC 8620, Section 5.1.

This method requires the sysWebHookGet permission.

Terminal window
curl -X POST https://mail.example.com/api \
  -H 'Authorization: Bearer $TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
      "methodCalls": [
        [
          "x:WebHook/get",
          {
            "ids": [
              "id1"
            ]
          },
          "c1"
        ]
      ],
      "using": [
        "urn:ietf:params:jmap:core",
        "urn:stalwart:jmap"
      ]
    }'

x:WebHook/set

Section titled “x:WebHook/set”

This is a standard Foo/set method as defined in RFC 8620, Section 5.3.

Supports create, update, and destroy operations in a single call.

Create

Section titled “Create”

This operation requires the sysWebHookCreate permission.

Terminal window
curl -X POST https://mail.example.com/api \
  -H 'Authorization: Bearer $TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
      "methodCalls": [
        [
          "x:WebHook/set",
          {
            "create": {
              "new1": {
                "events": {},
                "httpAuth": {
                  "@type": "Unauthenticated"
                },
                "httpHeaders": {},
                "signatureKey": {
                  "@type": "None"
                },
                "url": "https://example.com"
              }
            }
          },
          "c1"
        ]
      ],
      "using": [
        "urn:ietf:params:jmap:core",
        "urn:stalwart:jmap"
      ]
    }'

Update

Section titled “Update”

This operation requires the sysWebHookUpdate permission.

Terminal window
curl -X POST https://mail.example.com/api \
  -H 'Authorization: Bearer $TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
      "methodCalls": [
        [
          "x:WebHook/set",
          {
            "update": {
              "id1": {
                "allowInvalidCerts": false
              }
            }
          },
          "c1"
        ]
      ],
      "using": [
        "urn:ietf:params:jmap:core",
        "urn:stalwart:jmap"
      ]
    }'

Destroy

Section titled “Destroy”

This operation requires the sysWebHookDestroy permission.

Terminal window
curl -X POST https://mail.example.com/api \
  -H 'Authorization: Bearer $TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
      "methodCalls": [
        [
          "x:WebHook/set",
          {
            "destroy": [
              "id1"
            ]
          },
          "c1"
        ]
      ],
      "using": [
        "urn:ietf:params:jmap:core",
        "urn:stalwart:jmap"
      ]
    }'

x:WebHook/query

Section titled “x:WebHook/query”

This is a standard Foo/query method as defined in RFC 8620, Section 5.5.

This method requires the sysWebHookQuery permission.

Terminal window
curl -X POST https://mail.example.com/api \
  -H 'Authorization: Bearer $TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
      "methodCalls": [
        [
          "x:WebHook/query",
          {
            "filter": {}
          },
          "c1"
        ]
      ],
      "using": [
        "urn:ietf:params:jmap:core",
        "urn:stalwart:jmap"
      ]
    }'

CLI

Section titled “CLI”

stalwart-cli wraps the same JMAP calls. See the CLI reference for installation, authentication, and general usage.

Fetch

Section titled “Fetch”
Terminal window
stalwart-cli get WebHook id1

Create

Section titled “Create”
Terminal window
stalwart-cli create WebHook \
  --field 'signatureKey={"@type":"None"}' \
  --field url=https://example.com \
  --field 'httpAuth={"@type":"Unauthenticated"}' \
  --field 'httpHeaders={}' \
  --field 'events={}'

Query

Section titled “Query”
Terminal window
stalwart-cli query WebHook

Update

Section titled “Update”
Terminal window
stalwart-cli update WebHook id1 --field allowInvalidCerts=false

Delete

Section titled “Delete”
Terminal window
stalwart-cli delete WebHook --ids id1

Nested types

Section titled “Nested types”

SecretKeyOptional

Section titled “SecretKeyOptional”

An optional secret value, or none.

  • None: No secret. No additional fields.
  • Value: Secret value. Carries the fields of SecretKeyValue.
  • EnvironmentVariable: Secret read from environment variable. Carries the fields of SecretKeyEnvironmentVariable.
  • File: Secret read from file. Carries the fields of SecretKeyFile.

SecretKeyValue

Section titled “SecretKeyValue”

A secret value provided directly.

secret
Section titled “secret”

Type: String · required · secret

Password or secret value

SecretKeyEnvironmentVariable

Section titled “SecretKeyEnvironmentVariable”

A secret value read from an environment variable.

variableName
Section titled “variableName”

Type: String · required

Environment variable name to read the secret from

SecretKeyFile

Section titled “SecretKeyFile”

A secret value read from a file.

filePath
Section titled “filePath”

Type: String · required

File path to read the secret from

HttpAuth

Section titled “HttpAuth”

Defines the HTTP authentication method to use for HTTP requests.

  • Unauthenticated: Anonymous. No additional fields.
  • Basic: Basic Authentication. Carries the fields of HttpAuthBasic.
  • Bearer: Bearer Token. Carries the fields of HttpAuthBearer.

HttpAuthBasic

Section titled “HttpAuthBasic”

HTTP Basic authentication credentials.

username
Section titled “username”

Type: String · required

Username for HTTP Basic Authentication

secret
Section titled “secret”

Type: SecretKey · required

Password for HTTP Basic Authentication

SecretKey
Section titled “SecretKey”

A secret value provided directly, from an environment variable, or from a file.

HttpAuthBearer

Section titled “HttpAuthBearer”

HTTP Bearer token authentication.

bearerToken
Section titled “bearerToken”

Type: SecretKey · required

Bearer token for HTTP Bearer Authentication

Enums

Section titled “Enums”

TracingLevel

Section titled “TracingLevel”
ValueLabel
errorError
warnWarning
infoInfo
debugDebug
traceTrace

EventPolicy

Section titled “EventPolicy”
ValueLabel
includeOnly include the specified events
excludeExclude the specified events