Endpoint setup
Use the integration page to decide what automation should happen, then use the webhook docs for payload and signature implementation. Add an HTTPS receiver URL in the dashboard, store the one-time signing secret in your receiver configuration, and rotate it from the channel page when ownership changes.
- Use HTTPS receivers your team operates or is authorized to configure.
- Store the generated signing secret outside source code.
- Rotate the channel secret after receiver migrations or suspected exposure.
- Treat receiver failures as alert-path issues, not as certificate state.