Skip to main content
POST
Test webhook
Free - does not consume credits
These snippets shape a small deployment-check record. Store accepted, status_code, and error with the webhook ID instead of printing the full test response.

Path parameters

id
string
required
The webhook ID to test.

Headers

x-api-key
string
required
Your API key. This endpoint also accepts session cookie authentication.

What happens

Xquik sends a webhook.test event to your endpoint, HMAC-signed with the webhook’s secret:
Payload delivered to your endpoint
The signed request includes the X-Xquik-Signature, X-Xquik-Timestamp, and X-Xquik-Nonce headers. Verify the signature against the raw request body before parsing JSON, reject stale timestamps, and de-dupe recent nonces exactly as you do for production monitor deliveries. You can test active, paused, or needs-attention webhooks. This endpoint reports whether the receiver accepted the signed test request, but it does not change isActive, deliveryStatus, or consecutiveFailures. Use Resume Webhook when a fixed receiver should pass a signed test before delivery resumes. The test endpoint does not return or rotate the signing secret. Keep using the secret returned by Create Webhook for signature verification, and keep raw request bodies, raw signatures, and full headers out of deployment logs. webhook.test payloads include eventType, data, and timestamp. They do not include deliveryId or streamEventId, so use them for reachability and signature checks rather than receiver idempotency checks.

Response

success
boolean
true when your endpoint responded with a 2xx status code.
statusCode
number
The HTTP status code returned by your endpoint.

Test result handoff

Use this endpoint before routing production monitor events to a new receiver or after changing webhook code, secrets, firewall rules, or queue routing.

Receiver accepted

Treat success: true and a 2xx statusCode as proof that the receiver accepted the signed webhook.test request.

Receiver rejected

Treat success: false with a non-2xx statusCode as a receiver error. Fix the endpoint before waiting for the next production monitor event.

Endpoint unreachable

Treat statusCode: 0 as a network or reachability failure. Check DNS, TLS, firewall rules, and the public HTTPS URL.

Error string

Store error with your deployment logs so support, queue, or incident workers can see the latest test failure reason.

Paused or Needs Attention

Tests are still sent to paused and needs-attention webhooks. A passing test proves reachability only; use Resume Webhook when delivery should resume after the test.

Signature path

Validate X-Xquik-Signature, X-Xquik-Timestamp, and X-Xquik-Nonce on the raw request body before accepting test or production events.

Test payload

webhook.test payloads include eventType, data, and timestamp. They do not include deliveryId or streamEventId.

Production triage

After the receiver accepts this signed test, use List Deliveries to debug real monitor events. Delivery rows contain id, streamEventId, status, attempts, lastStatusCode, lastError, createdAt, and deliveredAt.

Event join

For failed or exhausted production deliveries, use delivery streamEventId as the {id} for Get Event. Store the event monitorId, monitorType, type, occurredAt, and data with the receiver incident.
This endpoint supports dual authentication: API key (x-api-key header) or session cookie from the dashboard.Related: List Webhooks · Resume Webhook · List Deliveries · Get Event · Webhook Verification
Last modified on June 23, 2026