HTTP webhook → Slack

Any service that can send an HTTP request becomes a source. ingestlayer generates an ingest URL — https://in.ingestlayer.com/whk/<token> — and every POST to it becomes one event.

how events arrive

1. 01

   create the endpoint

   Add an HTTP webhook source. ingestlayer generates a unique URL of the form https://in.ingestlayer.com/whk/<token> that accepts any HTTP POST.

2. 02

   choose auth

   HMAC signing (the default) or a bearer token. In signed mode the sender includes an X-Ingest-Signature header — the hex HMAC-SHA256 of the raw body — which ingestlayer recomputes and compares in constant time, rejecting anything that doesn't match. An unauthenticated mode exists for local testing.

3. 03

   send your events

   POST JSON to the URL. The body becomes the event payload; if it carries a string `type` that becomes the event type, otherwise ingestlayer stamps webhook.in.received. Rename or reshape fields with the transform action downstream.

POST /whk/wh_3f8a HTTP/1.1
Host: in.ingestlayer.com
Content-Type: application/json
X-Ingest-Signature: 9f86d081884c…

{
  "type":     "order.created",
  "order_id": "ord_18f2",
  "amount":   4200,
  "currency": "eur",
  "email":    "ada@acme.com"
}

route it to Slack

Post to any channel in your workspace. Connect once with OAuth, pick the channel per pipeline.

1. 01

   connect your workspace

   Authorize the ingestlayer Slack app over OAuth from the destinations page. We hold only a channel-scoped bot token, in-region, in the same KMS as your other credentials.

2. 02

   pick a channel

   Choose any public channel, or invite the bot to a private one. The channel is set per pipeline, so different events can land in different places.

3. 03

   map the message

   Reference event fields with $event.* in the message template. The default renders a titled block with the event name and its key fields.

┌─ #alerts ──────────────────────────────┐
│  ingestlayer  APP                       │
│  user.signed_up                         │
│  email   ada@acme.com                   │
│  plan    pro                            │
│  source  marketing-site                 │
└─────────────────────────────────────────┘

notes

• —Slack rate-limits to roughly one message per second per channel; bursts are queued and retried, never dropped.
• —The bot must be a member of a private channel before it can post there — invite it explicitly.
• —Block Kit caps a message at 50 blocks and 3000 characters per text field; oversized events are truncated with a link to the full payload.

questions

How do I know a webhook really came from my sender?

Set the source to HMAC or bearer auth. In HMAC mode ingestlayer recomputes HMAC-SHA256 over the raw body and compares it to the X-Ingest-Signature header in constant time, rejecting anything that doesn't match before the event enters the pipeline.

What stops a retry from being processed twice?

Send an X-Ingest-Idempotency-Key header. Ingest is deduplicated on it, so a sender that retries on a timeout still produces exactly one event.

Can I reshape the payload before it lands?

Yes — the body arrives as-is, then the transform action maps it to whatever shape your destination expects, so a third party's field names never leak into your Slack message or your Postgres columns.

HTTP webhook, routed elsewhere

• HTTP webhook → DiscordDiscord
• HTTP webhook → TelegramTelegram
• HTTP webhook → EmailEmail
• HTTP webhook → WebhookWebhook
• HTTP webhook → PostgresPostgres
• HTTP webhook → NotionNotion

other sources, into Slack

• Inbound email → Slackemail
• AI agent → Slackagent
• everything you can pipe to Slackhub