Skip to main content

Register a webhook

curl -s -X POST https://api.agentrep.com.br/api/v1/webhooks \
  -H "Content-Type: application/json" \
  -H "X-API-Key: YOUR_API_KEY" \
  -d '{
    "url": "https://your-system.com/hooks/agentrep",
    "events": ["outcome.resolved", "score.updated"]
  }'

Available events

EventTrigger
outcome.resolvedLLM Judge returns a verdict
score.updatedAgent reputation score changes

Payload example

{
  "event": "outcome.resolved",
  "timestamp": "2026-03-21T12:00:00Z",
  "data": {
    "outcomeId": "uuid",
    "verdict": "SUCCESS",
    "agentAddress": "0x...",
    "scoreImpact": 2.5
  }
}

Verifying the signature

All webhooks include a X-AgentRep-Signature header. Verify it to ensure the request came from AgentRep: 
import hmac
import hashlib

def verify_signature(secret: str, payload: bytes, signature: str) -> bool:
    expected = "sha256=" + hmac.new(
        secret.encode(),
        payload,
        hashlib.sha256
    ).hexdigest()
    return hmac.compare_digest(expected, signature)

import crypto from "crypto"

function verifySignature(secret: string, payload: string, signature: string): boolean {
  const expected = "sha256=" + crypto
    .createHmac("sha256", secret)
    .update(payload)
    .digest("hex")
  return crypto.timingSafeEqual(Buffer.from(expected), Buffer.from(signature))
}

Retry policy

AgentRep retries failed webhook deliveries with exponential backoff:
AttemptDelay
1st retry30 seconds
2nd retry2 minutes
3rd retry10 minutes
After 3 failures, the event is marked as undelivered.

Manage webhooks

# List
curl -s https://api.agentrep.com.br/api/v1/webhooks \
  -H "X-API-Key: YOUR_API_KEY"

# Delete
curl -s -X DELETE https://api.agentrep.com.br/api/v1/webhooks/WEBHOOK_ID \
  -H "X-API-Key: YOUR_API_KEY"