Webhook Router ingests JSON, applies sensible templates for FDA guidance & recalls, and delivers to Slack, Microsoft Teams, Discord, or a generic webhook.
Hosted on Fly.io • Own API key • Optional HMAC signing • Postgres-backed
# Send an event
BODY='{"title":"Guidance XYZ","url":"https://www.fda.gov/...","center":"CDER","date":"2025-08-11","summary":"..."}'
SIG=$(printf '%s' "$BODY" | openssl dgst -sha256 -hmac "$SIGNING_SECRET" -r | awk '{print $1}')
curl -s -X POST https://api.yourdomain.com/ingest/fda.guidance \
-H "X-Api-Key: $API_KEY" \
-H "X-Signature: $SIG" \
-H "Content-Type: application/json" \
-d "$BODY"
Slack incoming webhooks, Teams connector cards, Discord, or generic HTTP.
Auto-formats guidance & recalls: title, center, date, reason, links.
Per-project API keys + optional HMAC SHA-256 signatures.
We generate or accept your API key and optional signing secret.
Map topics like fda.guidance to Slack/Teams/Discord/webhook endpoints.
Send JSON to /ingest/{topic}. We queue, retry with backoff, and deliver.
curl -s -X POST https://api.yourdomain.com/v1/projects \
-H "X-Admin-Key: <ADMIN_BOOTSTRAP_KEY>" \
-H "Content-Type: application/json" \
-d '{
"name":"acme-prod",
"api_key":"<SAVE_THIS_KEY>",
"signing_secret":"<SAVE_THIS_HMAC>",
"plan":"basic"
}'
curl -s -X POST https://api.yourdomain.com/v1/routes \
-H "X-Api-Key: <SAVE_THIS_KEY>" \
-H "Content-Type: application/json" \
-d '{
"topic":"fda.guidance",
"kind":"slack_webhook",
"endpoint":"https://hooks.slack.com/services/XXX/YYY/ZZZ",
"template_key":"guidance"
}'
BODY='{"title":"Guidance XYZ","url":"https://www.fda.gov/...","center":"CDER","date":"2025-08-11","summary":"Short summary."}'
SIG=$(printf '%s' "$BODY" | openssl dgst -sha256 -hmac "<SAVE_THIS_HMAC>" -r | awk '{print $1}')
curl -s -X POST https://api.yourdomain.com/ingest/fda.guidance \
-H "X-Api-Key: <SAVE_THIS_KEY>" \
-H "X-Signature: $SIG" \
-H "Content-Type: application/json" \
-d "$BODY"
// 1) Open the setup page
// 2) Paste your Slack/Teams/Discord webhook URL
// 3) Click “Send test”All requests must include X-Api-Key. For ingestion, add X-Signature (hex SHA-256 HMAC of the raw body with your signing secret) if the project or global secret is set.
Create a project (API key + optional signing secret).
Headers: X-Admin-Key, Content-Type: application/json
Body: {
name: string,
api_key: string (min 12 chars),
signing_secret?: string,
plan?: "free" | "basic" | "pro"
}
Response: { id, name, plan }
Create a route bound to a topic.
Headers: X-Api-Key, Content-Type: application/json
Body: {
topic: string, // e.g. "fda.guidance"
kind: "slack_webhook" | "teams_webhook" | "discord_webhook" | "http_webhook",
endpoint: string, // destination webhook URL
template_key?: "auto" | "guidance" | "device_recall" | "drug_recall",
enabled?: boolean
}
Response: { id, topic, kind, endpoint, template_key, enabled }
List your routes.
Headers: X-Api-Key
Response: Route[]Ingest an event payload for a topic. Routes with a matching topic will receive formatted messages.
Headers: X-Api-Key, X-Signature (optional/required if signing is configured)
Body: raw JSON
Response: { status: "accepted", event_id: number, routes: number[], soft_limit: boolean }
Errors: 401 (auth), 404 (no route), 429 (plan hard limit)
3 projects • 10 routes • 10k events/mo
$9/mo
Unlimited projects/routes • 100k events/mo
$29/mo
Need higher limits or on-prem? Contact us.
We store a minimal event record for delivery status and metering. No multi-tenant data sharing. You can request deletion anytime.
We retry up to 5 times with exponential backoff when destination returns a non-2xx.
Enable HMAC. Include X-Signature with hex SHA-256 of the raw body using your signing secret.
Yes. Use any topic string you want. The auto template falls back to a generic message format.