Core workflows

Webhooks

Subscribe to workflow events

Webhooks let Outtake push workflow activity to your own systems without managing API credentials.

Getting started

Outtake provisions and manages workflow webhooks on your behalf. Reach out to your Outtake customer team to enable the feature for your profile. Once access is granted, use the Webhooks tab inside each workflow to tailor the signals you receive.

Event topics

  • workflow.item.created — Fires when a workflow item is first inserted. The payload includes the newly created state and associated workflow metadata so systems can react as soon as an item enters the queue.
  • workflow.item.state.changed — Emits whenever an item transitions to a new state. Outtake skips no-op transitions and delivers the updated state, alert context, and any filters applied to your notification rules.
  • workflow.item.resolved — Derived from the state-change pipeline whenever the new state matches the workflow’s configured “resolved” state. Use this topic to drive downstream resolution logic without re-checking state names.
  • workflow.item.reopened — Emitted when a previously resolved item re-enters an active state. The payload highlights the reopened state so teams can restart investigation automations.

Configure a workflow webhook

  1. Navigate to the workflow you want to instrument and open the Webhooks tab.
  2. Paste the HTTPS endpoint that should receive POST requests from Outtake. We require TLS for every delivery.
  3. Select the workflow events to forward:
    • workflow.item.created
    • workflow.item.state.changed
    • workflow.item.resolved
    • workflow.item.reopened
  4. (Optional) Provide a shared secret. Leaving this field blank generates a strong secret automatically; copy it into your receiver before you save.
  5. Save the configuration. Outtake starts sending the selected events to the configured destination.

Each workflow maintains its own webhook settings, so teams can tailor destinations and filters per queue.

Delivery payloads

Every webhook delivery is JSON with three top-level blocks:

  • event — The Inngest trigger name that fired (workflow-item-created or workflow-item-state-updated).
  • workflow — Context from the workflow that processed the alert, including workflowId, profileId, optional name, the newState, and previousState when an item moved rather than being created.
  • alert — Details about the alert that changed: alertId, type (content or account), platform metadata (platform, platformDisplayName), the subject string, optional contentTitle, the securityDescription, optional agentReasoning, and links to Outtake plus any inferred content/account URL. When preview images are enabled, previewImage includes { url, width, height }.

Sample payload (email)

1{
2  "event": "workflow-item-state-updated",
3  "workflowItemStateId": "wfi_94f3b7d8",
4  "workflow": {
5    "workflowId": "wf_12ab34cd",
6    "profileId": "prof_77e91f",
7    "name": "High-Risk Content Review",
8    "newState": "takedown:under_review",
9    "previousState": "takedown:new"
10  },
11  "alert": {
12    "alertId": "alert_92c5a1",
13    "type": "content",
14    "platform": "instagram",
15    "platformDisplayName": "Instagram",
16    "subject": "Acme Corp, Acme Ventures",
17    "contentTitle": "Video claiming to be Acme CFO",
18    "securityDescription": "This alert matches the entity \"Acme Corp.\" Agent review flagged the post for impersonation.",
19    "agentReasoning": "Flagged after automated workflow escalation.",
20    "links": {
21      "outtake": "https://app.outtake.ai/account/prof_77e91f/workflows/wf_12ab34cd?alertId=alert_92c5a1&workflowItemState=takedown:under_review",
22      "content": "https://instagram.com/p/abc123"
23    },
24    "previewImage": {
25      "url": "https://cdn.outtake.ai/previews/alert_92c5a1.webp",
26      "width": 250,
27      "height": 162
28    }
29  }
30}

Payloads are channel-agnostic—capture the event, workflow, and alert structures in your receiver and layer any channel-specific processing you need downstream.

Authentication

When you save a webhook, Outtake stores the shared secret you supplied (or generated). Each delivery includes an x-outtake-secret header that carries this value so your receiver can confirm the request came from Outtake. Compare the header to the secret you keep in your system and reject requests without a match.

Rotate secrets directly from the UI—choose Generate a new secret or paste your own value, then update your receiver before saving so future deliveries continue to authenticate.

Delivery semantics

  • Deliveries use four retry attempts with exponential backoff that mirrors our Slack and email notification pipeline. Non-2xx responses or network failures trigger retries until the attempts are exhausted.
  • Outtake never queues events while a webhook is disabled; we resume forwarding the moment the toggle is switched back on.
  • Dedicated delivery observability (historical logs, replay tooling) is in progress and will land in the webhook tab soon.

Edit or disable a webhook

  • Update the endpoint, secret, or event selection directly from the same UI. Changes take effect immediately for that workflow.
  • Use the Enable deliveries toggle to pause traffic without losing your settings. While disabled we keep the configuration but skip all sends.
  • To regenerate credentials, open the secret field and click Generate new secret; copy the new value into your receiver before saving so incoming deliveries continue to pass verification.

Operational tips

  • Store the shared secret in your secrets manager and rotate it on a regular cadence using the UI-generated value.
  • Build idempotent handlers keyed off the payload’s event ID so retries never duplicate work.
  • Instrument your receiver with logging and alerting so you can track delivery health until first-party observability ships.