GET /api/v1/runs/{run_id} for canonical reconciliation.
Supported Events
Both placement and entity analysis runs fire the same events. An entity analysis completion
delivers
run.completed with the analysis output in data.run.output instead of ranked
solutions.
Security
Every webhook delivery is cryptographically signed. You can also add an optional bearer token for simpler setups. The two mechanisms serve different purposes:-
Signing secret (recommended): Nexio generates an HMAC-SHA256 signing secret (
whsec_...) when you create an endpoint. Every delivery includes anX-Nexio-Signatureheader computed from the payload. Your server recomputes the signature and compares: proving the request is from Nexio, the payload was not tampered with, and the request is not a replay. -
Auth token (optional, simpler): A static bearer token you provide when creating or updating
an endpoint. Nexio includes it as
Authorization: Bearer <token>on every delivery. Convenient for API gateways but does not verify payload integrity or protect against replay.
Verifying the signing secret
Parse theX-Nexio-Signature header to extract the timestamp (t=) and one or more signatures
(v1=). Recompute the HMAC and compare using constant-time equality.
Delivery Contract
- At least once delivery: your consumer must be idempotent
- Ordering not guaranteed: don’t depend on event order
- Same
X-Nexio-DeliveryUUID across retries for the same endpoint delivery - Immutable payload: the JSON snapshot is fixed at delivery creation
Retry schedule
Failed deliveries retry with exponential backoff: 1 min, 5 min, 30 min, 2 hours, 12 hours. After all retries are exhausted, the delivery is dead-lettered.Delivery headers
Example delivery payload (placement run)
Example delivery payload (entity analysis run)
Best Practices
- Return
2xxquickly and process downstream work asynchronously. Nexio retries on non-2xx responses with exponential backoff. - Deduplicate on
X-Nexio-Delivery: the same delivery UUID is sent across retries. - Verify signatures using the code examples above.
- Reject stale timestamps older than 5 minutes to prevent replay attacks.
- Poll the run status endpoint as the canonical reconciliation read if you miss a delivery
or receive events out of order: use
GET /api/v1/runs/{run_id}.