Skip to main content

Overview

Centralized Connection Management

Webhook Connection makes the connection definition centralized, enabling all Integration Flow and Connector steps to call the same HTTP endpoint consistently

Reduced Configuration Errors

Reduces configuration errors during version transitions by managing HTTP method, URL, and security headers from a single point

Environment-Based Management

Separates Development/Test/Production endpoints within a single connection thanks to environment-based connection parameters

Fast Deployment

Accelerates deployment processes with automatic name check, environment deployment, and Test Connection outputs

Connection Initiation

When a Webhook connection is requested from within an Integration Flow or Connector, the system reads the configured connection parameters

Connection Pool Management

HTTP client reuses keep-alive supported single connections for a short time; if there is no open connection, a new TCP session is established

Authentication

Authorization, Api-Key, or similar Authentication headers defined in Header tab are automatically added to the request

Data Communication

REST API call is made with selected HTTP method, payload is taken from Integration Flow step output and transmitted over TLS

Connection Management

When the request is completed, socket is closed or kept waiting for reuse within HTTP keep-alive duration

Error Management

In case of connection error, timeout, or authentication error, error is notified to the user through Apinizer Message Service and written to deploymentResult logs

Observability Platforms

Transferring Apinizer logs to observability platforms such as Splunk, Datadog, Graylog via REST webhook

CI/CD Notifications

Triggering Slack or Teams channel after successful deployment in CI/CD pipelines

Event Forwarding

Forwarding events from external services to third-party webhook APIs instead of MongoDB/Redis

SaaS Integrations

Making POST/PUT calls to external SaaS services in rapid prototypes

Technical Features and Capabilities

Dynamic HTTP Method Selection

All methods in EnumHttpRequestMethod list such as GET/POST/PUT/DELETE are selected from a single dropdown.

URL and Payload Management

Endpoint in https://host/path format is defined with fullUrl field and can be combined with Integration Flow parameters.

Smart Header Dictionary

Auto-completion is performed thanks to predefined HTTP header name/value services, and risk of entering incorrect headers decreases.

Environment-Based Configuration

Ability to define separate connection parameters for each environment (Development, Test, Production).

Enable/Disable Control

Activating or deactivating the Connection (enable/disable toggle). In passive state, the connection cannot be used but its configuration is preserved.

Automatic Name Uniqueness Check

Service-based nameExist check runs when Name field is entered and conflicts are shown instantly.

Automatic Validation in Header Management

Headers with missing name/value are blocked during saving.

Global/Project Transfer

Connection becomes available for use by all projects with Move to Global action from list view.

Connection Test Feature

Ability to validate connection parameters before saving with the “Test Connection” button.

Export/Import Feature

Exporting Connection configuration as a ZIP file. Importing to different environments (Development, Test, Production). Version control and backup capability.

Connection Monitoring

Monitoring connection health, pool status, and performance metrics.

Connection Parameters

Name

Description: Connection name (must be unique)
Example Value: Production_Webhook
Notes: Should not start with space, special characters should not be used

Environment

Description: Published environment ID that the Connection will be linked to
Example Value: Prod-Blue
Notes: Environment list is populated by EnvironmentService

HTTP Method

Description: HTTP method to use in the call
Example Value: POST
Notes: GET/POST/PUT/DELETE/HEAD/OPTIONS/PATCH/TRACE are supported

Full URL

Description: Full URL of the webhook endpoint
Example Value: https://hooks.partner.com/api/logs
Notes: HTTPS usage is recommended, query parameters are supported

Timeout

Description: Request timeout duration (sec)
Example Value: 10
Notes: Minimum 1 sec in UI, model default 2 sec

Description

Description: Text describing Connection purpose or target system
Default Value: -
Recommended Value: Short and action-oriented description

Header List

Description: Custom HTTP headers to send in webhook call
Default Value: (Empty list)
Recommended Value: Security headers such as Authorization: Bearer token

Enabled

Description: Whether the Connection is active
Default Value: true
Recommended Value: false in test phase, true in Production

Timeout and Connection Pool Parameters

Connection Timeout

Description: Wait time for TCP connection establishment
Default: 2000
Min: 1000 | Max: 60000
Unit: milliseconds

Request Timeout

Description: Total response time of HTTP request
Default: 2000
Min: 1000 | Max: 60000
Unit: milliseconds

Pool Size

Description: Maximum number of connections in Connection pool
Default: 0
Min: 0 | Max: 0
Unit: count

Webhook Retry Delay

Description: Wait between retries (can be used with manual flows)
Default: -
Unit: seconds

Usage Scenarios

Operation Logs

Situation: Need to transfer Gateway logs to central SIEM
Solution: POST + JSON payload + Authorization header
Expected Result: SIEM webhook receives log record at the end of each integration

Deployment Notification

Situation: Informing teams after CI/CD pipeline
Solution: POST https://hooks.slack.com/… + ContentType: application/json
Expected Result: Build/deployment result is shared in Slack channel

Third-Party Alarm

Situation: Opening ITSM ticket on threshold breaches
Solution: POST https://api.servicenow.com/… + API key
Expected Result: Automatic incident is created on ServiceNow

SaaS Integration

Situation: Triggering CRM activity
Solution: PUT https://crm.partner.com/events/id + Bearer token
Expected Result: CRM record is updated and reconciliation flow continues

Observability Webhook

Situation: Sending health-check data to Datadog Webhook API
Solution: POST https://api.datadoghq.com/api/v1/webhooks
Expected Result: Custom event opens in Datadog metrics dashboard

Audit Trail

Situation: Notifying archive service for each Integration Flow execution
Solution: POST https://audit.internal/api/event + X-Trace-Id header
Expected Result: Audit service records the call and returns response

Connection Configuration

Creating New Webhook Integration

Image 2024 9 9 15 35 35 Pn

Configuration Steps

1

Navigate to Creation Page

  • Go to Connection → Webhook Integration section from the left menu.
  • Click the [+ Create] button in the top right.
2

Enter Basic Information

Enable Status (Active Status):
  • Set active/passive status with toggle. New connections are active by default.
Name - Mandatory:
  • Example: Production_Webhook
  • Enter a unique name, should not start with space.
  • System automatically checks. Green checkmark: available. Red cross: existing name.
Description:
  • Example: “Prod log forwarding webhook”
  • Max. 1000 characters.
  • Describe the purpose of the Connection.
3

Environment Selection

  • Select environment from dropdown menu: Development, Test, or Production.
  • Different connection parameters can be defined for each environment.
4

HTTP Connection Parameters

  • Select GET/POST/PUT etc. from HTTP Method list.
  • Enter full endpoint starting with https:// in Full URL field.
  • Use placeholders for query parameters or path variables if necessary.
5

Header Management

  • Add new row with + in Headers tab.
  • Header Name and Header Value fields cannot be left empty.
  • You can select common headers from auto-completion list.
6

Timeout and Connection Pool Settings

  • Timeout field in Settings tab determines maximum duration (seconds) for request completion.
  • Pool size is managed server-side, so only timeout value is changed in UI.
7

Security and Authentication Settings

  • Write API keys or Bearer tokens in Authorization header.
  • Create Authorization: Basic … if basic HTTP auth is required.
  • SSL/TLS protection is provided with HTTPS URLs; configure certificate connection at environment level for mutual TLS if needed.
8

Test Connection

  • Click the [Test Connection] button.
  • Test whether connection parameters are correct.
  • Success: Green confirmation message
  • Failed: Error details are shown
9

Saving

  • Click the [Save and Deploy] button in the top right.
Checklist:
  • Unique name
  • Mandatory fields filled
  • Test connection successful (recommended)
Result:
  • Connection is added to the list
  • Becomes available for use in Integration Flow and Connector steps
  • Becomes active according to environment
Connection created successfully! You can now use it in Integration Flow and Connector steps.

Deleting Connection

Deletion Process

Select Delete from the menu at the end of the row or click the [Delete] button on the connection detail page

Deletion Tips

Check Before Deleting: It may be used in Integration Flow or Connector steps. If necessary, assign an alternative connection. Back up with Export before deleting

Alternative: Deactivation

Use the Disable option instead of deleting. Connection becomes passive but is not deleted. Can be reactivated when needed

Exporting/Importing Connection

In this step, users can export existing connections for backup, transfer to different environments, or sharing purposes, or import a previously exported connection again. This process is used to maintain data integrity in version management, transitions between test and production environments, or inter-team sharing processes.

Method 1

Select ⋮ → Export from the action menu. ZIP file is automatically downloaded.

Method 2

Click the [Export] button on the connection detail page. ZIP file is downloaded.

File Format

Format: Date-connection-ConnectionName-export.zip
Example: 13 Nov 2025-connection-Production_Webhook-export.zip

ZIP Contents

  • Connection JSON file
  • Metadata information
  • Dependency information (e.g., certificates, key store)

Usage Areas

  • Backup
  • Transfer between environments (Test → Prod)
  • Versioning
  • Team or project-based sharing

Import Steps

  • Click the [Import Webhook Integration] button on the main list.
  • Select the downloaded ZIP file.
  • System checks: Is format valid? Is there a name conflict? Are dependencies present?
  • Then click the [Import] button.

Import Scenarios

Scenario 1: Name Conflict → Overwrite the old connection or create with a new name.Scenario 2: Missing Dependencies → Create missing certificates or key stores first or exclude them during import.

Usage Areas of Connection

Creating and Activating Connection

Steps:
  1. Create the Connection
  2. Validate the connection with Test Connection
  3. Save and activate with Save and Deploy
  4. Ensure the Connection is in Enabled status

Usage in Integration / Connector Steps

Connection is selected in Connector steps that make REST requests. Example: Steps such as “Send Message”, “Invoke REST API”, “Log to External Endpoint”. Connection selection is made from the Connection field in the configuration of these steps

Scheduled Job Usage

Connection is selected to make webhook calls at certain intervals in scheduled tasks. Business logic running with cron expression automatically uses connection parameters

Usage for Testing Purposes

The correctness of the connection can be checked independently of the Integration Flow with the Connection Test feature. This test is critical in the debugging process

Best Practices

HTTP Method Management

Bad: Sending all calls as POST
Good: Selecting method required by target service
Best: Adjusting GET/POST/PUT/PATCH/DELETE usage for CRUD operations according to contract

URL Versioning

Bad: Manually changing fixed v1/v2 paths in URL
Good: Separating different versions by creating new connection
Best: Managing versions environment-based using parametric URL definition

Header Security

Bad: Sharing Authorization header as plain text
Good: Storing API keys only in relevant connection
Best: Using tokens dynamically retrieved through Secret Manager

Deployment Management

Bad: Deploying untested connection to Production
Good: Copying after validating in test environment
Best: Versioning with Export/Import and storing change record

Environment Management

Bad: Using the same connection parameters in all environments
Good: Creating separate connections for each environment
Best: Managing all environments in a single connection using the Environment option, only changing environment when transitioning between environments

Connection Test

Bad: Saving and deploying the connection without testing
Good: Validating with Test Connection before saving
Best: Testing after every parameter change, performing full integration test in test environment before going to production

API Key Management

Do not use API keys in the same header for both Test and Prod. Define different keys for each environment and create rotation schedule

Header Masking

Disable logging of sensitive header values in console outputs. Keep only anonymized information such as X-Trace-Id open

Authorization Level

Use IP whitelisting or HMAC signature verification at webhook endpoint. Automatically generate relevant signature header on Apinizer side

Credential Management

Store sensitive information such as usernames and passwords using environment variables or secret manager. Do not hardcode credentials in code or configuration files. Update passwords periodically

SSL/TLS Usage

Always enable SSL/TLS in Production environment. Use self-signed certificates only in development environment. Track certificate expiration dates and renew them on time

Access Control

Allow only authorized users to change Connection configuration. Store connection change logs. Apply change approval process for critical connections

Using Fixed Token

Why to avoid: All environments are affected in token leakage
Alternative: Use different Authorization values environment-based

Sending Over HTTP

Why to avoid: Data travels in unencrypted channel
Alternative: Make URL HTTPS, provide certificate to target side if needed

Header Conflicts

Why to avoid: Same header sent multiple times causes error in target system
Alternative: Regularly review header table and remove unnecessary rows

Using Production Connection in Test Environment

Why to avoid: Test data may be written to production system, real users may be affected, security risk occurs
Alternative: Create separate connections for each environment, use environment parameter, separate connection names by adding prefix according to environment (Test_, Prod_)

Very Low Timeout Values

Why to avoid: Connection constantly times out in network delays, Integration steps fail
Alternative: Adjust timeout values according to real usage scenarios, measure network latency and determine timeouts accordingly

Not Using Connection Pool

Why to avoid: New connection is opened for each request, performance decreases, resource consumption increases, target system load increases
Alternative: Enable connection pool, adjust pool size according to traffic volume, set up pool monitoring

Payload Size

Recommendation: Keep webhook messages below 200 KB
Effect: Shorter response times and lower timeout rate

Parallel Call Management

Recommendation: Define concurrency limits on Integration Flow side in high-volume triggers
Effect: Target system is not overloaded, error rate decreases

Retry Strategy

Recommendation: Add retry policy in Flow for idempotent endpoints, log error and take manual action in non-idempotent calls
Effect: Data loss is prevented in critical operations

Connection Pool Optimization

Recommendation: Adjust pool size according to peak traffic (recommended: concurrent request count × 1.5), set idle connection timeouts, perform pool health check
Effect: Connection opening cost decreases by 80%, response times decrease, resource usage is optimized

Timeout Values Optimization

Recommendation: Measure real network latency, adjust timeout values accordingly, avoid very low or very high timeouts
Effect: Unnecessary waits are prevented, fast fail-over is provided, user experience improves

Connection Monitoring

Recommendation: Monitor connection pool usage, track timeout rates, perform connection health check, set up alerting
Effect: Problems are detected proactively, performance bottlenecks are identified early, downtime decreases

Troubleshooting

Wrong endpoint, missing header, or incorrect payload format may exist.
1

URL and HTTP Method

Verify URL and HTTP method.
2

Header Check

Check that mandatory headers are sent.
3

Payload Format

Reformat payload according to target documentation.
Target service may be down, TLS certificate rejected, or rate limit reached.
1

Service Health

Check target service health.
2

Certificate Verification

Verify HTTPS certificate chain.
3

Rate Limit

Review rate limit logs and add wait time.
Network delay, target system responding slowly, or timeout value may be too low.
1

Network Check

Check network connectivity.
2

System Health

Check target system health.
3

Timeout Settings

Increase timeout values.
4

Log Review

Review connection logs.
Wrong username/password, expired credentials, or permission problem may exist.
1

Credentials

Verify credentials.
2

User Status

Check that the user is active in the target system.
3

Permission Check

Check that necessary permissions are granted.
4

Certificate Check

Check SSL/TLS certificates.
Pool size may be too low, connection leak exists, or traffic may be too high.
1

Pool Size

Increase pool size.
2

Connection Check

Check that connections are properly closed.
3

Idle Timeout

Set idle connection timeouts.
4

Metric Monitoring

Monitor connection usage metrics.
A different connection may be selected in Integration/Connector step, the step may be misconfigured, or Flow/Job may not be redeployed.
1

Enable Toggle

Check that the Connection’s enable toggle is active.
2

Connection Selection

Verify that the correct connection is selected in Integration Flow.
3

Connection Deploy

Redeploy the Connection.
4

Flow/Job Deploy

Redeploy Integration Flow or Job.
5

Log Check

Check Gateway logs.

Frequently Asked Questions (FAQ)

The same connection routes to a single URL. You need to create different connections for different platforms or make the URL parametric.
If there is a connection with the same name in the list, service returns nameExist=true and does not allow saving. Update the name to be unique.
There is no limit but name and value fields of each row must be filled; otherwise saving is blocked.
UI takes value in seconds and backend converts this value to milliseconds and transfers it to HTTP client.
It runs on Publication Worker according to the environment ID you selected and tries to reach the real endpoint.
Yes, the same connection can be used in multiple Integration Flow or Connector steps. This provides centralized management and guarantees configuration consistency. However, changes made to the connection will affect all usage locations, so care should be taken.
Using Connection pool is not mandatory but strongly recommended in high-traffic systems. Reusing existing connections instead of opening a new connection for each request significantly increases performance.
Yes, it is recommended to create separate connections for each environment. Alternatively, you can manage all environments in a single connection using the environment parameter. This approach provides easier management and less error risk.
Several reasons may exist:
  1. Connection enable toggle may be passive
  2. A different connection may be selected in Integration step
  3. Connection may not be deployed
  4. Integration Flow may not have been redeployed yet