Skip to main content
Webhooks let Lanten push notifications to your system when events occur — such as a new maintenance issue being created, or an issue being marked as completed.

How webhooks work

  1. You register a webhook endpoint URL in your Lanten dashboard
  2. When an event occurs, Lanten sends an HTTP POST request to your endpoint
  3. Your endpoint receives the event payload and responds with a 200 status
If your endpoint returns a non-200 response or times out, Lanten will retry the request with exponential backoff.

Registering a webhook

Go to Settings → Developers in your dashboard and add your endpoint URL. You can subscribe to specific event types or receive all events.

Verifying requests

Every webhook request includes a signature in the Lanten-Signature header. Verify this signature to confirm the request came from Lanten. The signature is an HMAC-SHA256 hash of the raw request body, signed with your webhook secret: 
HMAC-SHA256(raw_body, webhook_secret)
Your webhook secret is shown when you create the webhook in your dashboard.

Example verification

import crypto from "crypto"

function verifyWebhook(body: string, signature: string, secret: string): boolean {
  const expected = crypto
    .createHmac("sha256", secret)
    .update(body)
    .digest("hex")

  return crypto.timingSafeEqual(
    Buffer.from(signature),
    Buffer.from(expected)
  )
}

Payload structure

All webhook payloads share a common envelope: 
{
  "event": "issue.created",
  "timestamp": "2025-03-14T10:00:00.000Z",
  "data": {
    ...
  }
}
FieldTypeDescription
eventstringThe event type (see Events)
timestampstringISO 8601 timestamp of when the event occurred
dataobjectThe event payload

Browse all events

See the full list of webhook events and their payloads.