Webhook Reliability Patterns
Webhooks are simple to send but hard to make reliable. Four patterns are the standard answer.
Why webhooks fail
Network blips, receiver downtime, and processing errors each break naive fire-and-forget webhooks.
Without these patterns, events are lost.
Four patterns
1. Retries with exponential backoff.
2. Idempotency keys per event.
3. Signatures for authenticity.
4. Dead-letter queue for unrecoverable failures.
Receiver responsibilities
Receivers: respond <5s; queue work; verify signature; deduplicate by event-id.
Long-running processing must be async on the receiver side.
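A receiver that covers the responsibilities above (verify, deduplicate, queue, acknowledge quickly), as an added example that is not part of the original article. It assumes HMAC-SHA256 over the raw body and a JSON `id` field as the event-id; the secret, the in-memory queue and the dedup set are constructed stand-ins.

```python
import hashlib
import hmac
import json
import queue

# Assumptions (not from the article): HMAC-SHA256 over the raw request body,
# hex-encoded, and a JSON payload whose "id" field is the event-id.
SECRET = b"constructed-demo-secret"
work_queue = queue.Queue()  # stand-in for a durable queue drained by async workers
seen_event_ids = set()      # stand-in for a persistent dedup store


def sign(secret: bytes, body: bytes) -> str:
    """Sender side: compute the signature the receiver expects."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def handle_webhook(body: bytes, signature: str) -> int:
    """Return the HTTP status the receiver should answer with."""
    # 1. Verify authenticity over the raw bytes, in constant time, before parsing.
    expected = sign(SECRET, body).encode()
    if not hmac.compare_digest(expected, (signature or "").encode()):
        return 401
    # 2. Parse only after the signature checks out.
    try:
        event = json.loads(body)
        event_id = event["id"]
    except (ValueError, KeyError, TypeError):
        return 400
    if not isinstance(event_id, str):
        return 400
    # 3. A retry of an already-accepted event is acknowledged, not re-run.
    if event_id in seen_event_ids:
        return 200
    # 4. Queue first, then mark as seen: if queuing fails, a retry still gets in.
    work_queue.put(event)
    seen_event_ids.add(event_id)
    return 202


if __name__ == "__main__":
    body = b'{"id": "evt_1", "type": "demo"}'  # constructed sample event
    print(handle_webhook(body, sign(SECRET, body)))  # first delivery
    print(handle_webhook(body, sign(SECRET, body)))  # sender retry
    print(handle_webhook(body, "0" * 64))            # bad signature
```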
Sender discipline
Senders: track delivery state; expose redelivery API; document signature scheme.
Document an SLA, e.g., 99% delivered within 10s.
Antipatterns
- Webhook without signature. Spoofable.
- Receiver doing work synchronously. Times out; receives retries.
- No DLQ. Permanently lost events; no visibility.
What to do this week
Three moves. (1) Apply this pattern to your highest-risk network path. (2) Measure the failure mode rate before/after. (3) Document the change so the next incident responder inherits the knowledge.