Ingest an inbound event
POST /v1/in/{inboundKey}
POST
/v1/in/{inboundKey}
Start or advance a flow. The body is verified against the connection’s shared secret using the signature headers. Identified by inboundKey in the path — no bearer token. Hosted on hooks.2mee.com.
Parameters
Section titled “ Parameters ”Path Parameters
Section titled “Path Parameters ” inboundKey
required
string
Unguessable per-connection key embedded in the inbound URL.
Header Parameters
Section titled “Header Parameters ” webhook-id
required
string
Stable message id (idempotency key).
webhook-timestamp
required
string
Unix seconds when the message was signed; used for replay rejection.
webhook-signature
required
string
HMAC-SHA256 over the raw body, base64, prefixed v1,.
Request Body required
Section titled “Request Body required ”object
version
required
string
1 messageId
required
string
msg_01HZX9 occurredAt
required
string format: date-time
eventType
required
string
purchase_completed clientUserId
string
user_8842 attributes
object
key
additional properties
any
endpoints
object
email
string format: email
phone
string
raw
object
key
additional properties
any
Responses
Section titled “ Responses ”Accepted and queued for the engine.
Missing or invalid authentication/signature.
object
error
object
code
string
invalid_signature message
string
requestId
string
Resource not found.
object
error
object
code
string
invalid_signature message
string
requestId
string
Duplicate messageId — already processed (safe to treat as success).
Payload exceeds the 256 KB cap.
Too many requests — honour Retry-After.
object
error
object
code
string
invalid_signature message
string
requestId
string
Headers
Section titled “Headers ” Retry-After
integer
Seconds to wait before retrying.
Was this page helpful? Tell us / report an issue ↗