Skip to content

Managing Webhooks

Audience: All Immuta users

Content Summary: Webhooks notify users or other systems when actions happen in Immuta. Every action that generates a notification is available as a webhook.

Application Admins can create webhooks that are triggered by events that happens in the system (such as when data sources or projects are created), but any user can create webhooks that are triggered by access requests and activity notifications.

This page lists the REST endpoints for managing webhooks and provides examples of requests.

Webhook Endpoints

Method Path Description
DELETE /webhooks/{id} Deletes a specific webhook by id and deletes the history records for that webhook.
GET /webhooks Returns a list of webhooks the user can see. (Admins can see all webhooks; users can only see their own webhooks.)
GET /webhooks/actions Returns a list of valid notification actions that a webhook can be triggered by.
GET /webhooks/history Returns historical records for webhook requests, including requests and responses.
GET /webhooks/{id} Returns specified webhook by id.
POST /history/retry/{id} Retries webhook requests by history id. This can be done against any history record, regardless of failure or success.
POST /webhooks Creates a new webhook. Users can create multiple webhooks in a single request.

Sample Requests

POST /webhooks:

This sample request creates a webhook that notifies the user of all activity in Immuta:

{
    "webhooks": [{
        "url": "https://my.webhook.url",
        "name": "My Webhook",
        "notificationType": ["ALL_NOTIFICATIONS"],
        "global": true
    }]
}

Note: Any number of notification types can be provided; “ALL_NOTIFICATIONS” is a dummy type that can be used to listen on all notifications).

Outbound Webhook Request:

This sample outbound webhook request is for the deletion of a data source named “Test”:

{
    "text": "Steve Touw has deleted the test data source.",
    "attachments": [{
        "text": "{\"dataSourceName\":\"test\",\"notificationType\":\"modelCreated\",\"actionBy\":1,\"modelType\":\"datasource\",\"modelId\":15,\"targetUser\":1,\"targetGroup\":null}"
    }]
}

Notification Types

Type Triggers
acknowledgedAccess A project member acknowledges the purposes on a project.
addedToProject A data source is added to a project.
apiKeyRevoked A user's API key is revoked.
attributeAdded An attribute is added to a group or user.
attributeRemoved An attribute is removed from a group or user.
attributeUpdated Attributes for a group or user are updated.
bulkJobStatus A bulk action is completed (whether success/failure).
certificationRequired A Global Policy that requires certification by the data source owner is applied to a data source.
conflictingGlobalPolicies Global Policies are applied to the same column on a data source.
dataSourceExpired A data source that was configured to expire has expired.
dataSourceExpiring A data source that was configured to expire expires tomorrow.
dataSourceUpdated A data source is updated.
deletedDatasourceRemovedFromProject A data source has been deleted and then removed from a project.
expiredDatasourceRemovedFromProject A data source that has expired and been deleted is removed from a project.
firstQuery A data source is queried for the first time through Immuta.
globalPolicyCreated A Global Policy is created.
globalPolicyDeleted A Global Policy is deleted.
globalPolicyDisabled A Global Policy is disabled.
globalPolicyUpdated A Global Policy is updated.
groupUserAdded A user is added to a group.
groupUserDeleted A user is removed from a group.
healthCheckFailed A health check runs and returns not healthy.
healthCheckResolved A health check runs and returns healthy.
modelAccessApproved A user's access request is approved for a data source or project.
modelAccessDenied A user's access request is denied for a data source or project.
modelAccessRequested A user requests access to a data source or project.
modelAccessRevoked A user's access request is revoked for a data source or project.
modelAccessUpdated A user's access level is updated for a data source or project.
modelCommentCreated A comment is left on a data source, data source column, data source query, or project.
modelCommentReply A reply is left on a data source, data source column, data source query, or project comment.
modelCommentResolved A comment or reply is resolved on a data source, data source column, data source query, or project.
modelCreated A data source or project is created.
modelDeleted A data source or project is deleted.
modelTagAdded A tag is added to a data source or a data source column.
modelTagRemoved A tag is removed from a data source or a data source column.
modelUserAdded A user is added to a data source.
modelUserDeleted A user is removed from a data source.
modelUserJoined A user joins a data source that they are already allowed to join.
nativeWorkspaceStateChanged A native workspace configuration within a project changes.
permissionsUpdated A user's permissions are updated.
policyAdjustmentCreated A policy adjustment is created.
policyAdjustmentExpired A policy adjustment has expired (the default is after a year).
policyCertificationExpired A policy certification on a data source has expired.
policyUpdated A data source's policies have been updated by a user or Global Policy. Policy updates are triggered for many reasons, including when a data source is created, a user updates them, a Global Policy changed, tags are added to a data source or column, the data dictionary changed, a fingerprint is recomputed, an external catalog modifies tags on a linked data source, or a policy disabled.
projectDisabled A project is disabled.
projectEqualizationMemberNotInCompliance A member of an equalized project is out of compliance.
projectEqualizationToggled Project equalization is toggled on or off.
projectUpdated A project is updated.
purposeCreated A purpose is created.
purposeDeleted A purpose is deleted.
purposeUpdated A purpose is updated.
queryCanceled A running query is canceled due to a change on a data source.
queryCreated A user creates a public query on a data source.
queryUpdated A public query is updated.
removedFromProject A data source is removed from a project.
switchedCurrentProject A user switches their current project.
tagCreated A tag is created.
tagDeleted A tag is deleted.
tagUpdated A tag is updated.
taskDeleted An outstanding data source task is deleted without validation.
taskValidated An outstanding data source task is validated.
userCloned A user is cloned.
userCreated A user or group is created.
userDeleted A user or group is deleted.
userDisabled A user is disabled.
userEnabled A user is enabled.
userMigrated A user is migrated from one IAM to another IAM.
usernameUpdated A user's name is updated.
userUpdated A group is updated.