Reach ยท 08.11
Webhooks, Gateways & Delivery Logs
Signed trigger ingress, native SaaS connector webhooks, channel webhooks, and the gateways that supervise persistent transports.
Every inbound webhook is signature-verified before it's trusted
Webhook routes cover several distinct sources โ signed workflow-trigger ingress, native SaaS connector webhooks, and per-channel webhooks โ but all of them share the same discipline: an inbound signature is checked with a timing-safe comparison before the payload is trusted, closing off the timing-attack surface a naive string comparison would leave open. Gateways separately supervise the long-lived, persistent transports (a WhatsApp session, a Telegram long-poll) that a one-shot webhook model doesn't fit, and outbound delivery is logged so a send that failed to actually leave the building is visible, not silently swallowed.