Webhook reliability and observability for SaaS teams

Create a source, configure a destination URL, copy the generated ingest URL, and send a test webhook.

• Go to Sources and create a source with a valid destination endpoint.
• Use the ingest URL generated by Hookioz in your external system.
• Send a test request and verify status in Dashboard and Events.

Each source has its own ingest key and URL. The URL is shown after source creation and inside source details.

• In development, ingest is usually https://api.hookioz.com/api/i/{ingestKey}.
• In production, use your configured API base URL.

Yes. Disabling keeps configuration and history, but blocks new ingest for that source until re-enabled.

Organizations isolate sources, events, members, and security context. You can belong to multiple organizations.

• Switch current organization from the sidebar organization switcher.
• Dashboard, events, and limits are always scoped to the current organization.

Owner and Admin can manage organization settings, billing, and plan changes. Member has restricted operational access.

• Owner/Admin can invite members, edit organization settings, and manage billing actions.
• Some destructive actions may be restricted to Owner only depending on policy.

Use Plans for upgrades/downgrades and Billing for payment method plus extra usage limit settings.

• Plans: compare plans, schedule downgrade, or change current plan.
• Billing: update default payment method and configure monthly extra events limit.
• New paid subscriptions are completed in-app with a secure payment form.

An event moves through states such as Pending, Processing, RateLimited, Retry, Delivered, and Dead.

• Pending: accepted and waiting queue processing.
• Processing: currently being handled.
• RateLimited: waiting for source throughput window before next dispatch attempt.
• Delivered: destination call completed successfully.
• Retry: failed attempt with next retry scheduled.
• Dead: retries exhausted or unrecoverable failure.

Retry behavior follows configured limits and backoff settings in the dispatch pipeline.

• Transient failures are retried automatically.
• Maximum attempts and retry delay are controlled in backend configuration.

Redacted means payload or headers were removed due to data-retention policy after the configured retention window.

Yes. Source mapping and transformation features allow reshaping payloads before delivery.

• Use preview tools to validate transformations before enabling in production.
• Keep mappings deterministic and backward-compatible for consumers.

Update the source destination URL. New events use the new endpoint immediately after save.

Prefer one source per external producer or use-case for cleaner observability and safer rollbacks.

The dashboard aggregates organization metrics such as event volume, delivery outcomes, and source health.

You can switch display mode between Local and UTC in dashboard preferences.

Yes. Status filters in dashboard and events pages narrow the list and help isolate incidents.

Go to My Account and start 2FA setup. Scan the QR code in Google Authenticator and confirm using a 6-digit code.

• Store recovery codes in a safe location.
• Regenerate recovery codes if you suspect exposure.

Use Forgot Password on login. Hookioz sends a time-limited reset token to your registered email.

• If email does not arrive, verify spam folder and address correctness.
• Reset links expire and must be reissued after TTL.

Yes. Email verification is part of account security and can affect login/access flows if pending for too long.

Confirm ingest URL/key, source enabled state, request method, and that requests reach the API without network blocking.

• Validate producer is calling the exact ingest URL.
• Check source is enabled.
• Inspect API/network logs for rejected requests.

Review delivery response codes/content and destination availability. Most retry loops are caused by endpoint errors, auth failures, or timeout.

• Inspect last attempt details in event deliveries.
• Validate destination TLS/certificate and auth headers.
• Use idempotent handlers in destination to safely handle retries.

Contact support when behavior is inconsistent with expected status transitions, permission model, or data retention policy.

• Send organization name, source name, event ID (if available), UTC timestamp, and expected vs actual behavior.
• Email: [email protected]