Skip to main content

Webhook Signatures and Idempotency

Linquid outbound deliveries include standard webhook signing headers.

Receiver requirements

  1. Verify signature before processing payload.
  2. Enforce timestamp freshness window.
  3. Deduplicate on event/delivery ID.
  4. Return deterministic status codes.

Delivery semantics

  • retries can occur on network or destination failures
  • duplicate deliveries must be safe
  • processing should be atomic and replay-safe
  • /api-reference/webhooks/overview
  • /api-reference/webhooks/deliveries-testing-and-automation