Webhooks

🔧 API5 min readUpdated May 2026

Event Types

• threat.detected — New threat identified by MSP Hunter or Threat Researcher
• scan.completed — Network or vulnerability scan finished
• compliance.updated — Compliance score or status changed
• ticket.created — New support ticket created by Tech Support agent
• agent.alert — Agent triggered an alert

Payload Format

{
  "event": "threat.detected",
  "timestamp": "2026-05-28T12:00:00Z",
  "data": {
    "threat_id": "thr_abc123",
    "severity": "critical",
    "description": "Open RDP port detected",
    "endpoint": "srv-file-01",
    "client_id": "cli_xyz789"
  }
}

Signature Verification

Each webhook includes an X-Gridlock-Signature header. Verify it using HMAC-SHA256 with your webhook secret:

const crypto = require("crypto");
const signature = crypto.createHmac("sha256", webhookSecret)
  .update(requestBody)
  .digest("hex");
if (signature === req.headers["x-gridlock-signature"]) {
  // Valid webhook
}

Retry Policy

Failed deliveries are retried up to 5 times with exponential backoff: 1min, 5min, 30min, 2hr, 24hr. After 5 failures, the webhook is disabled and you are notified via email.