Webhook Events Reference
Complete reference of all webhook event types, payload formats, and signature verification for Taifa Mail.
Base URL: https://govconnect.ke/v1
This page documents the webhook management API, event type schemas, delivery inspection, and signature verification.
Live outbound webhook delivery is not enabled yet. Creating a webhook stores your URL and event subscriptions, but Taifa Mail does not automatically POST email.sent, email.delivered, email.opened, and similar lifecycle events today. Deliveries you will see now:
- Test deliveries from
POST /v1/webhooks/{id}/test(sampleemail.delivered). email.inbound.forwardedwhen an inbound forwarding rule targets an HTTPS URL.
Track real outbound events in Developer → Email Logs and over GET /v1/emails until live fan-out ships.
All management endpoints require authentication via API Key or JWT cookie. API keys use the tfm_k_ prefix.
Manage webhooks
List webhooks
Returns your active webhook endpoints as a JSON array.
Response:
Create a webhook
Request body:
| Field | Type | Required | Description |
|---|---|---|---|
url | string | Yes | The HTTPS endpoint to deliver events to. |
events | string[] | Yes | Event types to subscribe to (see Event types). |
The signing secret is generated by the server and returned in the
response. There is no secret field in the request body.
Returns 201 Created with the webhook object, including its secret.
Update a webhook
Request body (all fields optional):
| Field | Type | Description |
|---|---|---|
url | string | New delivery endpoint. |
events | string[] | New event subscription list. |
is_active | boolean | Set false to pause delivery, true to resume. |
Delete a webhook
Returns 204 No Content.
Send a test event
Queues a sample email.delivered event to the endpoint so you can verify
your integration. The test delivery is logged like any other.
List delivery attempts
Query parameters:
| Parameter | Type | Default | Description |
|---|---|---|---|
page | integer | 0 | Page number (zero-indexed). |
limit | integer | 20 | Results per page (1-100). |
status | string | -- | Filter by delivery status. |
Response:
Get a delivery attempt
Returns the full delivery record, including the request payload,
response_body, and endpoint_url. The flat /v1/webhook-deliveries/{delivery_id}
form looks the delivery up by ID alone.
Common payload fields
Every webhook payload includes these fields:
| Field | Type | Description |
|---|---|---|
event | string | The event type (e.g. email.delivered). |
email_id | string | The ID of the email that triggered the event. |
recipient | string | The recipient email address. |
timestamp | string (ISO 8601) | When the event occurred. |
metadata | object | Additional context (tags, domain, subject). |
Event types
Webhook payloads use email.* event types (for example email.opened). The email events API on GET /v1/emails/{id}/events uses shorter names (open, click). The schemas below describe webhook payloads when live delivery is enabled.
email.sent
The email has been handed off to the recipient's mail server.
email.delivered
The recipient's mail server confirmed delivery.
email.opened
The recipient opened the email (tracking pixel loaded).
email.clicked
The recipient clicked a tracked link.
email.bounced
The email was permanently rejected by the recipient's mail server.
email.failed
Delivery failed due to an internal error or configuration issue.
email.complained
The recipient marked the email as spam (received via feedback loop).
email.unsubscribed
The recipient clicked the List-Unsubscribe link or used one-click unsubscribe.
Retry schedule
If your endpoint returns a non-2xx response or times out (15-second limit), Taifa Mail retries with backoff:
| Attempt | Delay after failure |
|---|---|
| 1 | 1 minute |
| 2 | 5 minutes |
| 3 | 30 minutes |
| 4 | 2 hours |
| 5 | 8 hours |
After five failed attempts, Taifa Mail stops retrying that delivery and notifies you in-app. Inspect attempts from the dashboard under Developer → Webhooks → select webhook → Deliveries.
Signature verification
Every webhook request includes an X-TaifaMail-Signature header (sha256= + HMAC-SHA256 hex) over the canonical string built from X-TaifaMail-Timestamp, X-TaifaMail-Delivery-ID, X-TaifaMail-Event, and the raw JSON body, signed with your webhook secret. Reject timestamps older than five minutes to block replays.
Always verify this signature before processing the payload.
Python
Node.js
Go
Always use constant-time comparison (hmac.compare_digest in Python, crypto.timingSafeEqual in Node.js, hmac.Equal in Go) to prevent timing attacks.
Your webhook signing secret is shown when you create the webhook. You can also find it under Developer → Webhooks → click the webhook → Signing secret.