Comment on page
Automatically send Dispatch events and data to your apps or services with webhooks
Webhooks allow your apps to receive information when events matching your Trigger conditions occur, and respond however you define.
Webhooks deliver data to your apps as they happen; you get the data you want immediately instead of having to poll (look) for changes to data. For example, we can send your app a notification when the balance of any of the wallets you're watching changes.
We don't currently support webhook request authentication via headers, but it's on our roadmap.
However, you should always verify that webhook requests originate from the
api.dispatch.esprezzo.iodomain; any other origin is not a legitimate Dispatch webhook request.
You should always verify that webhook requests originate from the
Any other origin is not a legitimate Dispatch webhook request and could pose a security risk.
Webhooks can be triggered by several types of events (Triggers) in Dispatch:
- Address activity: wallet balance of a specific token changed, or went above or below a threshold
- Smart contract activity: anytime selected events are emitted by, or functions are called in smart contracts
- Lots of possibilities:
- Alerts for unexpected AdminChange, Pause, Unpause events that could indicate security vulnerabilities
- Mint, transfer, upgrade & gameplay events on ERC721, ERC1155, ERC1967, ERC-4337
- Swap, trade & new pair/pool events on DEX contracts
- Any verified contract on Ethereum, Polygon, Base & Avalanche, with more networks coming soon
Every Dispatch webhook uses the same format, regardless of event type. The webhook request is a standard HTTP POST, and the request body will contain a JSON payload with the following top-level keys:
patch: information about the associated Patch (e.g.
patch.name, etc). This object also contains information about the Trigger as well (e.g.
details: information about the actual event that has occurred (e.g.
details.new_balance, etc for "address balance change" Triggers).
Important: Make sure your endpoint is publicly accessible so we can send unauthenticated POST requests.