Introduction

Configure HTTP callbacks to push Level events to your own systems in real time. When something happens in Level — a new alert fires, a device is added, a group is updated — Level sends a POST request to the URL you specify, so you can react to it in your own tooling without polling the API.

⚙️ PREREQUISITES

A publicly accessible HTTPS endpoint ready to receive POST requests with a JSON body.
Admin access to your Level organization.

Webhook Settings

Navigate to Settings → Webhooks. The page has two tabs:

Webhooks — your configured webhooks
Requests — the delivery log for all outbound requests

Creating a Webhook

1. Click + Add webhook (top right) or + Create webhook (empty state).

2. Enter the destination URL. This is where Level will POST event data. Use HTTPS.

💡 TIP: Generate your secret with a password manager or openssl rand -hex 32. Use a high-entropy random string.

3. (Optional) Enter a Secret. Level uses this to sign each outgoing request so your endpoint can verify the payload came from Level.

⚠️ WARNING: The secret can't be viewed again after you save. Copy it somewhere before clicking Add webhook — you'll need it in your endpoint code to verify signatures.

4.. The Enabled toggle is on by default. Leave it on to start receiving events immediately. Disable it to pause delivery without deleting the webhook.

5. Under Events to send, choose what triggers this webhook:

Send all event types — Level sends every event type, including any new ones added in the future.
Select types to send — pick from the list below.

Available Event Types

Event	When it fires
Alert active	A new alert is raised on a device
Alert resolved	An existing alert is resolved
Device created	A new device is added to your account
Device deleted	A device is removed from your account
Device updated	An existing device's data or configuration changes
Group created	A new device group is created
Group deleted	A device group is permanently deleted
Group updated	A group's name or configuration is changed

ℹ️ NOTE: If you use Select types to send, new event types added to Level in the future won't be included automatically. Switch to Send all event types if you want forward-compatible delivery.

6. Click Add webhook to save.

Payload Structure

Every webhook delivery — regardless of event type — uses the same JSON envelope:

{
  "event_type": "device_created",
  "event_id": "a3f1b2c4-...",
  "occurred_at": "2026-03-13T18:30:00Z",
  "data": { ... }
}

Field	Type	Description
`event_type`	string	One of the 8 event types listed above
`event_id`	UUID	Unique per event; stable across retries — use this to deduplicate
`occurred_at`	ISO 8601 datetime (UTC)	When the event was generated
`data`	object	Resource-specific payload for this event

💡 TIP: Use event_id to make your endpoint idempotent. Level retries failed deliveries automatically, so the same event may arrive more than once.

Verifying Request Signatures

If you configured a secret, Level includes an X-Level-Signature header on every request. The format is sha256=<hex_digest>.

To verify:

Take the raw JSON request body as a string.
Compute HMAC-SHA256 of that string using your secret as the key.
Prefix the result with sha256= and compare it to the X-Level-Signature header value.
If they match, the request is from Level.

ℹ️ NOTE: The X-Level-Signature header is only present when a secret is configured on the webhook. If you didn't set one, consider editing the webhook to add it.

Reviewing Delivery Logs

The Requests tab shows every outbound request Level has attempted across all configured webhooks.

Each row shows:

Status — success or failed badge
Status code — the HTTP response code from your endpoint (or -- if the connection failed before a response)
URL — the destination for that request

Click any row to open the detail panel.

The detail panel shows:

Event time — when the event occurred
Status code — HTTP response from your server
Full URL — the exact URL Level sent to
Error message — the connection or HTTP error, if any
Response body — what your endpoint returned (or the raw error output)

Automatic Retries

When a delivery fails, Level retries automatically — up to 3 attempts total. Each retry waits approximately 2 minutes, plus a random delay of 1–60 seconds. After 3 failed attempts, Level stops trying and logs the final failure. No alert is raised and the webhook isn't disabled.

ℹ️ NOTE: Because Level retries automatically, the same event may be delivered more than once. Use event_id to deduplicate on your end.

Re-running a Failed Request Manually

If you've fixed the underlying issue and don't want to wait for the next retry, click Re-run request at the bottom of the detail panel. Level resends the original payload immediately.

⚠️ WARNING: Re-run request sends the same payload again. If your endpoint isn't idempotent, this may create duplicates. Check event_id before processing.

Managing Existing Webhooks

On the Webhooks tab, each configured webhook is listed with its URL and enabled status. From there you can edit the configuration, toggle it on or off, or delete it.

ℹ️ NOTE: Disabling a webhook stops delivery without deleting it or its request history. Use this when your endpoint is undergoing maintenance.

FAQ

What format does Level use for webhook payloads? Level sends an HTTP POST with a JSON body. Every event uses the same envelope: event_type, event_id, occurred_at, and data. The data object contains the resource-specific payload for that event type.
How do I verify that a request came from Level? Set a secret on the webhook. Level includes an X-Level-Signature header formatted as sha256=<hex_digest> on every request. Compute HMAC-SHA256 of the raw request body using your secret, then compare to the header value. See Verifying Request Signatures above.
Who can create and manage webhooks? Webhook configuration — including the Requests log — is restricted to admins. Only technicians with admin access to your Level organization can create, edit, view, or delete webhooks.
My requests are all showing as Failed. What should I check? Open a failed request in the detail panel and read the error message and response body. Common causes: the URL isn't publicly reachable, your endpoint returned a non-2xx status code, or the URL was mistyped. Fix the underlying issue, then use Re-run request to retry without waiting for the automatic retry window.
Can I send the same events to multiple endpoints? Yes. Create a separate webhook for each destination URL. Each webhook subscribes to event types independently.
What happens after 3 failed delivery attempts? Level stops retrying and logs the final failure. The webhook stays enabled and will continue attempting future events — only that specific delivery is abandoned. You can still manually re-run it from the Requests tab.
I lost my webhook secret. Can I recover it? No. The secret can't be viewed after the webhook is saved. Edit the webhook to set a new secret, then update your endpoint code to use the new value.