Webhooks and API triggers
A deployed Agent Team has a private inbound trigger URL, and a scheduled deployment can send its terminal result to an HTTPS endpoint. Together they connect Codelit to forms, inboxes, automation tools, and internal services.
Trigger a deployed team
Deploy the workflow, then copy its live POST URL from Schedule or Hosted runs. Settings > Webhooks explains the URL shape. The deployment and token query values authenticate the request, and the JSON request body becomes the run input.
- Deploy the Agent Team and copy the full trigger URL.
- Store the URL as a secret in the calling system; do not publish or log its token.
- POST a bounded JSON body and retain the returned run ID for correlation.
Receive terminal results
Configure a per-workflow result webhook for completed, halted, and failed terminal events. The payload includes a stable delivery ID, workflow and run metadata, bounded output, duration, and approximate cost without exposing stored provider credentials.
- Return a 2xx response only after the event is accepted.
- Deduplicate with X-Codelit-Delivery because transient retries reuse the same ID.
- Keep handlers idempotent so a retry cannot repeat a downstream write.
- Use Settings > Webhooks to send a non-production test payload first.
Verify every delivery
When signing is enabled, verify X-Codelit-Signature as v1=HMAC-SHA256(secret, timestamp.raw_body) before parsing or acting on the payload. Compare signatures in constant time and reject stale timestamps according to your receiver's replay window.