If your endpoint doesn’t return aDocumentation Index
Fetch the complete documentation index at: https://docs.politicalcomms.com/llms.txt
Use this file to discover all available pages before exploring further.
2xx response within 10 seconds, we retry on an exponential backoff schedule.
Retry schedule
| Attempt | Delay |
|---|---|
| Attempt 1 | Immediate |
| Attempt 2 | 4 seconds after first failure |
| Attempt 3 | 16 seconds after second failure |
| Attempt 4 | 64 seconds after third failure (final attempt) |
Best practices
Return 200 within 10 seconds
Return 200 within 10 seconds
Process asynchronously if needed. Queue the event for background processing and return
200 immediately. This prevents retries on slow handlers.Always validate the HMAC signature before processing
Always validate the HMAC signature before processing
See Signature Validation.
Use event_id to deduplicate
Use event_id to deduplicate
Rare but possible - under network failure conditions you could receive the same event twice. Store processed
event_ids and skip duplicates.Log failures and monitor endpoint health
Log failures and monitor endpoint health
Set up alerting on failed webhook deliveries. Mintlify’s audit log + your own application logs together give you full traceability.
Use HTTPS endpoints (required in production)
Use HTTPS endpoints (required in production)
HTTPS is enforced for all production webhook endpoints. Self-signed certs are not accepted - use a real CA-issued cert.
Rotate secrets periodically (every 90 days recommended)
Rotate secrets periodically (every 90 days recommended)
From the dashboard, regenerate the signing secret on each endpoint. Update your application’s environment variable, then verify a test webhook validates with the new secret before relying on it.