Webhook
Webhook at Zustack.
Webhook is a callback system that allows Zustack to notify your system about events related to your uploaded files.
When a file’s status changes (e.g., after successful upload or processing),
a POST request is sent to the url_callback you have configured in
your bucket.
Webhook Payload
Section titled “Webhook Payload”The webhook will be delivered as a POST request with the following headers:
| Header | Type | Description |
|---|---|---|
file_id | string | Unique identifier of the uploaded file. |
media_url | string | The final URL of the file. |
status | string | Current status of the file (e.g., success) |
Authorization | string | A signed JWT token to verify and authenticate the request origin. |
Webhook Verification
Section titled “Webhook Verification”Receiving a webhook often triggers important operations, so it’s critical to verify that the request really comes from Zustack.
How to verify:
Section titled “How to verify:”- Extract the
Authorizationheader from the incoming request. - It will be a JWT signed by Zustack.
- Use your bucket’s API key as the secret to validate the signature.
- If the JWT is valid, the webhook is authentic.
Always reject requests with missing or invalid JWTs to prevent spoofed webhooks.