New alert notification

Webhook 

The Alert Notification API provides a webhook mechanism for real-time alert notifications, allowing for immediate reaction to various types of system events. This API sends notifications as JSON payloads to pre-configured endpoints.

info

Upon receiving a notification, you can optionally return a HTTP 200 OK status code to acknowledge receipt, however we do not make repeat attempts at delivery should publishing fail.

Events

The following events will trigger a notification:

• RAISED: A new alert has been generated.
• SEVERITY_INCREASED: The severity level of an existing alert has been increased.
• CLOSED: An alert has been closed. Additional information can be found in the closeReason property.

Signature verification

All notifications are signed using HMAC-SHA256 to ensure the authenticity of the alert. To verify the payload, you need to:

1. Obtain your unique secret key via the Gardin Management Console.
2. Compute the HMAC-SHA256 signature of the received payload using your secret key.
3. Compare this signature with the value in the Gardin-Signature header of the request.

Below is a sample code snippet in Python that demonstrates how to verify a webhook payload:

import hmac
import hashlib

# Your unique secret key from Gardin Management Console
secret_key = "your_unique_secret_key"

# The payload received from the webhook
payload = "webhook_payload_here"

# The signature from the Gardin-Signature header
received_signature = "signature_from_header"

# Compute the HMAC digest
computed_signature = hmac.new(
    secret_key.encode('utf-8'),
    msg=payload.encode('utf-8'),
    digestmod=hashlib.sha256
).hexdigest()

# Compare the computed and received signature
if computed_signature == received_signature:
    print("Webhook verified!")
else:
    print("Webhook verification failed!")

Request

Header Parameters

Gardin-Signature stringrequired

HMAC-SHA256 signature of the payload, used to verify the authenticity of the request. Obtain your unique secret key from the Gardin Management Console to verify the signature.

application/json

Body

alertId stringrequired

The unique identifier for the alert, represented as a ULID.

alertSeverity stringrequired

Possible values: [LOW, MEDIUM, HIGH]

The severity level of the alert.

alertType stringrequired

Possible values: [HEALTH, PRODUCTIVITY]

The type of alert.

closeReason string

Possible values: [RECOVERY_DETECTED, EXPIRED, REPLACED]

The reason for the alert closure. Only present for CLOSED events.

event stringrequired

Possible values: [RAISED, SEVERITY_INCREASED, CLOSED]

The event that triggered the notification.

jobId stringrequired

The identifier of the growth job associated with the alert.

notificationId stringrequired

The unique identifier for the notification, represented as a ULID.

previousSeverity string

Possible values: [LOW, MEDIUM, HIGH]

The previous severity level of the alert. Only present for SEVERITY_INCREASED events.

tenantId stringrequired

The identifier for your tenancy, represented as a ULID.

timestamp date-timerequired

The timestamp when the event occurred (RFC-3339 format).

Responses

200

API users can return a HTTP 200 OK status to indicate that the data was received successfully.

Authorization: oauth2

name: ClientCredentialstype: oauth2description: To access the Gardin API, users are required to authenticate using the [OAuth2 Client Credentials flow](https://auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow). This authentication method is designed for applications that need to access resources on behalf of themselves, not on behalf of a user. It involves the application presenting its own credentials to obtain an access token, which then grants it permission to call the desired API endpoints.

The Client Credentials flow is particularly suitable for server-to-server interactions where the application needs to access resources without user intervention. Upon successful authentication, the application is issued an access token.

Access tokens are represented as [JSON Web Tokens (JWTs)](https://jwt.io/introduction), which are compact, URL-safe means of representing claims to be transferred between two parties. These tokens contain a set of claims that grant specific rights and are securely signed, allowing the recipient to verify their authenticity and integrity.

See [POST /oauth2/token endpoint documentation](/docs/gardin-api/acquire-access-token-client-credentials-flow) for more information.flows: {
  "clientCredentials": {
    "tokenUrl": "https://login.gardin.ag/oauth2/token/",
    "scopes": {}
  }
}

Request Collapse all

Auth

Bearer Token

Parameters

Gardin-Signature — headerrequired

Body

• Example (from schema)
• alertClosedExpired
• alertClosedRecovered
• alertClosedReplaced
• alertRaised
• alertSeverityIncreased

{
  "alertId": "string",
  "alertSeverity": "LOW",
  "alertType": "HEALTH",
  "closeReason": "RECOVERY_DETECTED",
  "event": "RAISED",
  "jobId": "string",
  "notificationId": "string",
  "previousSeverity": "LOW",
  "tenantId": "string",
  "timestamp": "2025-05-21T10:46:01.573Z"
}

ResponseClear

Click the Send API Request button above and see the response here!