Webhooks
Integrate external systems with Moxxy via webhooks.
Overview
Webhooks allow external services to trigger your agents via HTTP requests.
┌─────────────┐ HTTP POST ┌─────────────┐ ┌─────────────┐
│ External │ ──────────────────▶│ Moxxy │ ──▶ │ Agent │
│ Service │ /webhooks/... │ Gateway │ │ Response │
└─────────────┘ └─────────────┘ └─────────────┘Webhook Endpoints
Generic Webhook
bash
POST /api/webhooks/genericSend a message to an agent:
bash
curl -X POST http://localhost:17890/api/webhooks/generic \
-H "Content-Type: application/json" \
-H "X-Webhook-Secret: your-secret" \
-d '{
"agent": "default",
"message": "Process this data",
"context": {
"source": "external_service",
"event_id": "12345"
}
}'Platform Webhooks
Telegram
bash
POST /api/webhooks/telegramReceives Telegram updates when using webhook mode.
Slack
bash
POST /api/webhooks/slack
POST /api/webhooks/slack/interactiveReceives Slack events and interactive component callbacks.
Discord
bash
POST /api/webhooks/discordReceives Discord interactions.
Authentication
Secret Key
Protect webhooks with a secret key:
bash
# Set webhook secret
moxxy run --agent default --prompt "Store 'my-secret-key' in vault as webhook_secret"Include in requests:
bash
curl -X POST http://localhost:17890/api/webhooks/generic \
-H "X-Webhook-Secret: my-secret-key" \
-d '{"agent": "default", "message": "Hello"}'IP Whitelisting
Restrict by source IP:
bash
moxxy run --agent default --prompt "Store '192.168.1.0/24,10.0.0.1' in vault as webhook_allowed_ips"Request Format
Generic Webhook
json
{
"agent": "default", // Target agent name
"message": "Your message", // Message to process
"context": { // Optional context
"source": "service_name",
"event_type": "alert",
"custom_field": "value"
},
"response_mode": "sync" // "sync" or "async"
}Response Modes
| Mode | Description |
|---|---|
sync | Wait for agent response, return in HTTP response |
async | Return immediately, process in background |
Response (Sync Mode)
json
{
"success": true,
"agent": "default",
"response": "I've processed your request...",
"context": {
"event_id": "12345"
}
}Creating Webhooks
Via API
bash
curl -X POST http://localhost:17890/api/webhooks \
-H "Content-Type: application/json" \
-d '{
"name": "github-webhook",
"agent": "default",
"secret": "github-webhook-secret",
"transform": {
"message_template": "GitHub event: {{event_type}} on {{repository}}"
}
}'Webhook Configuration
json
{
"name": "alert-webhook",
"agent": "default",
"secret": "my-secret",
"transform": {
"message_template": "Alert from {{source}}: {{message}}",
"context_mapping": {
"severity": "$.severity",
"service": "$.service_name"
}
},
"filters": {
"include": ["*.critical", "*.warning"],
"exclude": ["*.debug"]
}
}Use Cases
GitHub Integration
bash
# Create GitHub webhook endpoint
curl -X POST http://localhost:17890/api/webhooks \
-d '{
"name": "github",
"agent": "devops",
"secret": "github-secret"
}'Configure in GitHub:
- Repository → Settings → Webhooks
- URL:
https://your-server/api/webhooks/github - Secret:
github-secret - Content type:
application/json
Monitoring Alerts
bash
# From Prometheus AlertManager
curl -X POST http://localhost:17890/api/webhooks/generic \
-H "X-Webhook-Secret: alerts-secret" \
-d '{
"agent": "ops",
"message": "Critical alert: High CPU usage on server-1",
"context": {
"alert_name": "HighCPU",
"severity": "critical",
"instance": "server-1"
}
}'CI/CD Notifications
bash
# From Jenkins/GitLab CI/etc.
curl -X POST http://localhost:17890/api/webhooks/generic \
-d '{
"agent": "team",
"message": "Build #4521 completed successfully",
"context": {
"build_id": "4521",
"status": "success",
"branch": "main"
}
}'Custom Triggers
bash
# Custom application trigger
curl -X POST http://localhost:17890/api/webhooks/generic \
-d '{
"agent": "assistant",
"message": "New user registration: user@example.com",
"context": {
"event": "user_registered",
"email": "user@example.com"
}
}'Transform Templates
Message Templates
Use Jinja2-style templates:
json
{
"transform": {
"message_template": "Alert: {{alert_name}} on {{instance}} ({{severity}})"
}
}Given payload:
json
{
"alert_name": "HighCPU",
"instance": "server-1",
"severity": "critical"
}Produces:
Alert: HighCPU on server-1 (critical)Context Mapping
Extract values from payload:
json
{
"transform": {
"context_mapping": {
"service": "$.labels.service",
"severity": "$.status"
}
}
}Filters
Include/Exclude Patterns
json
{
"filters": {
"include": ["*.critical", "*.warning"],
"exclude": ["test.*"]
}
}Conditional Processing
Only process matching events:
json
{
"filters": {
"condition": "$.severity == 'critical'"
}
}API Reference
List Webhooks
bash
GET /api/webhooksResponse:
json
{
"webhooks": [
{
"name": "github",
"agent": "devops",
"created_at": "2024-01-15T10:00:00Z"
}
]
}Get Webhook
bash
GET /api/webhooks/:nameCreate Webhook
bash
POST /api/webhooksUpdate Webhook
bash
PUT /api/webhooks/:nameDelete Webhook
bash
DELETE /api/webhooks/:nameTrigger Webhook
bash
POST /api/webhooks/:name/triggerSecurity Best Practices
- Always use secrets - Never accept unauthenticated webhooks
- Use HTTPS - Encrypt traffic to webhook endpoints
- Validate payloads - Check structure before processing
- Rate limit - Prevent abuse
- Log requests - Audit trail for debugging
- Use IP whitelists - Restrict to known sources
Troubleshooting
401 Unauthorized
- Check secret key in header
- Verify vault configuration
- Compare with configured secret
404 Not Found
- Verify webhook name
- Check webhook exists:
GET /api/webhooks
Timeout
- Use async mode for slow operations
- Increase timeout in configuration
- Check agent processing time
Filtered Out
- Check filter patterns
- Verify payload structure
- Review filter logs