ErasureDocs
Webhooks

Webhooks

Consent project webhooks and Rights delete webhook Systems.

Webhooks

Source: app_docs/guide/connectors.md, app_docs/guide/consent.md, app_docs/sdk/GettingStarted.md, app_docs/guide/sdk.md.

Erasure has two different outbound webhook ideas. Do not mix them up.


Optional project setting: notify your backend when consent updates.

TopicDocumented behaviour
Eventconsent.updated (product docs / SDK getting started)
Signature headerX-Anumati-Signature — HMAC-SHA256 of the raw body
SecretSigning secret encrypted at rest (same encryption class as connector secrets)
DeliveryHMAC signature; SSRF checks; no unsafe redirects
ConsoleProject settings; webhook get/put; regenerate secret (Owner); test when supported
SDK noteExpress/Fastify integrations verify webhooks on the server while the banner runs in the browser

Config surface (operator API group): project webhook get/put, regenerate secret (Owner), test — under project-scoped Anumati platform routes.

TODO: Publish full JSON payload schema field-by-field when product docs export a frozen public schema. Until then, verify signature on the raw body and treat unknown fields as additive.


2. Rights Webhook System

A System connector type that receives signed delete notifications when Rights jobs run.

TopicDocumented behaviour
WhereRights → Systems → Webhook
ConfigEndpoint URL
AuthSigning secret (encrypted at rest)
ExecutionPOST signed payload; no redirect following
LimitsDelivery retries limited; treat as notification, not sole delete
RotateOwner rotate; may reveal secrets once

Guide: Connect a Webhook.


Security checklist

  • Secrets never committed
  • Signature verified (consent: X-Anumati-Signature, HMAC-SHA256 raw body)
  • Endpoint not open redirector
  • Idempotent handling on your side (retries exist for jobs)
  • SSRF-safe endpoints

Systems · SDKs · Security