Webhook Trigger
Trigger workflows instantly by receiving HTTP requests from external systems, SaaS providers, or custom apps.
1. Operational Mechanics
The Webhook Trigger acts as an instant entry point for your Nodebase workflows. When you add a Webhook Trigger, Nodebase registers a unique, public endpoint to receive incoming HTTP requests.
- Supported Methods:
GETandPOST. - URL Format:
https://nodebase.mayanksaraswal.in/api/webhooks/trigger/{webhookId} - Payload Size Limit: Up to 1MB. Payloads exceeding this limit receive an immediate
413 Payload Too Largeresponse.
2. Redis Idempotency & Deduplication Vault
To prevent double-executions from webhook retries (often sent automatically by external platforms during transient outages), Nodebase implements a Redis-backed 5-minute (300-second) deduplication window.
How Fingerprinting Works
For each incoming request, Nodebase computes a SHA-256 fingerprint from:
- The HTTP Method (
POSTvsGET). - Specific request headers:
content-type,user-agent, and client idempotency keys:idempotency-key,x-idempotency-key, orx-request-id. - The request body (for POST) or stringified query params (for GET).
If a second request matching this fingerprint arrives within 300 seconds, Nodebase discards the duplicate execution and immediately returns:
{
"success": true,
"status": "duplicate_discarded"
}3. Output Context Schemas
Depending on the HTTP method, the output context written into the workflow state changes:
POST Context Format
{
"webhook": {
"body": {
"leadId": "ld_98",
"email": "[email protected]"
},
"headers": {
"content-type": "application/json",
"user-agent": "Mozilla..."
},
"method": "POST",
"receivedAt": "2026-06-04T01:14Z"
}
}GET Context Format
{
"webhook": {
"body": null,
"headers": {
"user-agent": "Mozilla..."
},
"method": "GET",
"queryParams": {
"source": "facebook",
"campaign": "brand"
},
"receivedAt": "2026-06-04T01:14Z"
}
}4. Reference Variables
| Variable Binding | Description |
|---|---|
| {{webhook.body}} | Accesses parsed JSON body elements (POST only). |
| {{webhook.queryParams}} | Accesses query string keys (GET only). |
| {{webhook.headers}} | Accesses request metadata headers. Use dot-notation (e.g. {{webhook.headers.content-type}}). |
| {{json webhook}} | Serializes the complete webhook event data stack. |
5. Real-World Execution Examples
Example 1: E-commerce Lead Capture (POST)
Configure your landing page form to send details to Nodebase. The workflow checks validation parameters and automatically routes prospects to your CRM.
Trigger Command:
curl -X POST https://nodebase.mayanksaraswal.in/api/webhooks/trigger/YOUR_WEBHOOK_ID \
-H "Content-Type: application/json" \
-d '{"name": "Ananya Roy", "email": "[email protected]", "budget": 15000}'CRM Node Configuration:
Add an HTTP Request node to append values: Use {{webhook.body.name}} and {{webhook.body.email}} to bind inputs dynamically.
Example 2: Ping Check / Health Status Query (GET)
Monitor microservice heartbeat status. External servers fire query strings to trigger simple actions or record health status updates.
Trigger Command:
curl -X GET "https://nodebase.mayanksaraswal.in/api/webhooks/trigger/YOUR_WEBHOOK_ID?server=auth-service&status=healthy"Dynamic Message Template:
Notify Slack using the template: "Server health update: {{webhook.queryParams.server}} reports state: {{webhook.queryParams.status}}".
Example 3: Secure Webhook Handshake Verification
Verify custom token signatures sent in headers (e.g. Stripe signatures or custom auth headers) before invoking downstream logic nodes.
Trigger Command:
curl -X POST https://nodebase.mayanksaraswal.in/api/webhooks/trigger/YOUR_WEBHOOK_ID \
-H "Authorization: Bearer my-secure-token-123" \
-H "Content-Type: application/json" \
-d '{"event": "system.upgrade"}'If/Else Validator Logic:
Add an If/Else Node directly after the trigger. Configure condition: {{webhook.headers.authorization}} **Equals** Bearer my-secure-token-123. Only branch executions to the true port to safeguard downstream APIs.