Outbound Webhooks

Send webhooks to your customers — without queues, retries, or webhook services

No queue to run. No retry logic to write. One API call. Centrali handles the rest.

The cost of rolling your own

Every SaaS eventually needs to emit webhooks — when an order lands, a file uploads, a user signs up. Customers ask for them. You add them to the roadmap. Then you see the real shape of the work.

A queue + worker

You can't block a user's API request on an HTTPS call to a customer server. Something has to pull from a queue (Redis, SQS, BullMQ) and dispatch asynchronously.

HMAC signing

Sign the raw body with a per-subscription secret, attach as a header, rotate without losing history. Your customer's code verifies with the same secret.

Retry + circuit breaker

Exponential backoff with jitter. A cap on attempts. A circuit breaker so flaky endpoints stop costing you compute. Most teams get this subtly wrong on the first pass.

Delivery log + replay

Every attempt stored with status, response, and error. A replay endpoint for when the customer deploys a fix and wants the missed events.

Each piece is a day of work. Together they're a sprint. Maintained well, they're an ongoing tax on your platform team.

You don't build any of this

If you're already using Centrali as your backend, outbound webhooks are already there. Subscribe a customer endpoint, and Centrali handles every piece above — no worker, no retry code, no log schema to design.

Queue + dispatch

Built in. Record changes fan out to subscribed endpoints automatically. Nothing to deploy.

HMAC-SHA256 signing

Every request signed with a per-subscription secret. Base64-encoded, delivered in the X-Signature header. Rotate anytime; delivery history stays intact.

5 retries over 40 minutes

30s, 2m, 10m, 30m between attempts. Circuit breaker opens on repeated failure so your flaky customers don't cost you compute.

Full delivery log + one-call replay

Every attempt — payload, HTTP status, error — visible in the console and queryable via API. Replay any failed delivery with a single POST.

The whole setup is one call

Subscribe a customer's endpoint to record events on any collection:

import { CentraliSDK, RecordEvents } from '@centrali-io/centrali-sdk';


const sub = await centrali.webhookSubscriptions.create({
  name: 'Order notifications',
  url: 'https://api.example.com/hooks/centrali',
  events: [RecordEvents.CREATED, RecordEvents.UPDATED],
  recordSlugs: ['orders'], // omit for all collections
});


// Signing secret is returned on create only — copy it now, reads omit it.
console.log('Signing secret:', sub.data.secret!);


// Replay a failed delivery
await centrali.webhookSubscriptions.deliveries.retry(deliveryId);

HMAC signing, retry, circuit breaker, delivery log, replay — all handled. Your app code stays focused on what it's actually doing.

Ship webhooks this afternoon

Create a workspace, subscribe your first endpoint, and stop thinking about queues.

No credit card. 5-minute setup.

Read the 10-min guide