You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Product doc section 5.12 specifies Webhooks that notify external systems when a card is viewed or a contact is saved. Design and implement the full webhook delivery system including registration, signing, retries, and logs.
Context
This is foundational infrastructure for the Public API and third-party integration story. It requires careful design for reliability, security (payload signing), and observability.
Summary
Product doc section 5.12 specifies Webhooks that notify external systems when a card is viewed or a contact is saved. Design and implement the full webhook delivery system including registration, signing, retries, and logs.
Context
This is foundational infrastructure for the Public API and third-party integration story. It requires careful design for reliability, security (payload signing), and observability.
Tasks
WebhookEndpoint:id,userId,url,secret(encrypted),events: string[],isActive,createdAt.WebhookDelivery:id,endpointId,eventType,payload: JSON,status(pending/success/failed),responseCode,attempts,nextRetryAt,createdAt.apps/backend/src/routes/webhooks.ts:POST /api/webhooks— register an endpoint (max 5 per user).GET /api/webhooks— list user's endpoints.DELETE /api/webhooks/:id— remove endpoint.GET /api/webhooks/:id/deliveries— paginated delivery log.apps/backend/src/utils/webhookDispatch.ts:dispatchWebhook(userId, event, payload)— finds active endpoints for user+event, createsWebhookDeliveryrows, and enqueues delivery.X-DevCard-Signature: sha256=<hex>.node-fetch/axioswith 5s timeout.public.ts) and contact save event.Acceptance Criteria
Difficulty
senior— requires distributed job design, cryptographic signing, retry logic, and multi-tenant isolation.