Webhooks
Webhooks push GPTfake alerts to your endpoint the moment they are detected, so you don’t have to poll. Subscribe to specific event types and models, and we deliver a signed JSON payload to your URL.
Create a subscription
POST /webhookscurl -X POST https://api.gptfake.com/v1/webhooks \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"url": "https://your-app.com/webhook",
"events": ["policy_change", "censorship_spike"],
"models": ["chatgpt", "claude"]
}'Response:
{
"id": "wh_3a90",
"url": "https://your-app.com/webhook",
"events": ["policy_change", "censorship_spike"],
"models": ["chatgpt", "claude"],
"secret": "whsec_...",
"status": "active"
}Events
| Event | Fired when |
|---|---|
policy_change | A model’s stated policy or observed rules change |
censorship_spike | A refusal rate rises sharply versus baseline |
See Alerts for how these events are detected.
Delivery payload
When an event fires we POST a payload to your url:
{
"id": "evt_77c2",
"type": "censorship_spike",
"model": "chatgpt",
"data": {
"category": "political",
"delta": "+5.8pp",
"detected_at": "2024-11-24T06:00:00Z"
},
"methodology": "https://gptfake.com/monitoring/methodology"
}Verify signatures
Each delivery includes an X-GPTfake-Signature header — an HMAC of the raw body using your subscription secret. Recompute it and compare before trusting a payload.
Always verify the signature and respond 2xx quickly. We retry failed deliveries with exponential backoff; non-2xx responses are treated as failures.
Manage subscriptions
GET /webhooks # list subscriptions
GET /webhooks/{id} # retrieve one
DELETE /webhooks/{id} # remove oneManaging webhooks via OAuth requires the webhooks.write scope — see OAuth 2.0.
Next steps
- Review the Alerts endpoint for the polling alternative.
- Back to the Monitoring API overview.