Webhooks
Webhooks deliver real-time event notifications to your server when things happen in Brie. Instead of polling the API, register an endpoint and Brie will POST events to it.
Events
| Event | Trigger |
|---|---|
slice.created | A new slice is created |
slice.updated | A slice is updated (status, priority, description, etc.) |
slice.deleted | A slice is deleted |
Payload format
{
"id": "slice_abc123",
"summary": "Login broken on Safari",
"status": "open",
"priority": "high",
"createdAt": "2026-03-30T10:00:00.000Z"
}
Each delivery includes these headers:
| Header | Description |
|---|---|
X-Brie-Signature | sha256=<hmac> — HMAC-SHA256 of the payload |
X-Brie-Event | Event type (e.g. slice.created) |
X-Brie-Delivery | Unique delivery ID |
Verifying signatures
Use the signing secret (prefixed with whsec_) to verify that deliveries come from Brie:
import { createHmac } from 'crypto';
function verifyWebhook(body, signature, secret) {
const expected = createHmac('sha256', secret)
.update(body, 'utf8')
.digest('hex');
return `sha256=${expected}` === signature;
}
// In your handler:
const isValid = verifyWebhook(
rawBody,
req.headers['x-brie-signature'],
'whsec_your_secret_here'
);
Retry policy
Failed deliveries (non-2xx response or timeout) are retried with exponential backoff:
| Attempt | Delay |
|---|---|
| 1st retry | 30 seconds |
| 2nd retry | 2 minutes |
| 3rd retry | 10 minutes |
| 4th retry | 30 minutes |
| 5th retry | 2 hours |
After 5 failed attempts, the delivery is marked as exhausted. You can manually retry exhausted deliveries via the API or the dashboard.
Limits
- Maximum 25 active webhooks per organization
- Endpoint must use HTTPS
- Delivery timeout: 10 seconds