Webhook Trigger
Trigger flows automatically in response to web-based events.
A Webhook trigger generates a unique URL that lets external applications (such as GitHub, Amazon EventBridge, or any system that can send HTTP requests) automatically start new executions in Kestra.
Each webhook URL requires a secret key to secure it. This prevents unauthorized access and ensures only trusted systems can trigger your flow.
type: "io.kestra.plugin.core.trigger.Webhook"
A Webhook trigger enables triggering a flow from a webhook URL.
When you create the trigger, you must provide a key. This key is embedded in the webhook URL: /api/v1/main/executions/webhook/{namespace}/{flowId}/{key}.
For security, use a randomly generated string rather than something easy to guess. Kestra accepts GET, POST, and PUT requests on the webhook URL. Both the request body and headers are automatically available as variables inside your flow.
Starting in Kestra 0.24, Basic Authentication is required for all instances. This change makes it so API requests require an Authorization header. Follow these Basic Authentication Encoding Steps to configure requests correctly.
Example
id: trigger
namespace: company.team
tasks:
- id: hello
type: io.kestra.plugin.core.log.Log
message: "Hello World! 🚀"
triggers:
- id: webhook
type: io.kestra.plugin.core.trigger.Webhook
key: 4wjtkzwVGBM9yKnjm3yv8r
After creating the trigger, include the key in the webhook URL to start the flow. For example:
https://{kestra_domain}/api/v1/main/executions/webhook/{namespace}/{flowId}/4wjtkzwVGBM9yKnjm3yv8r
Make sure to replace kestra_domain, namespace, and flowId.
You can also copy the formed Webhook URL from the Triggers tab.
Webhook Trigger Testing
If your flow uses trigger variables (such as {{ trigger.body }}), you can test it directly from the execution modal. Kestra generates a ready-to-use cURL command that lets you trigger the flow with a custom JSON payload.
See the Webhook trigger plugin documentation for a full list of properties and outputs.
Was this page helpful?