AI prompts
base on The Standard Webhooks specification <h1>
<a style="text-decoration: none" href="https://www.standardwebhooks.com">
<img width="360" src="./assets/brand.svg" />
</a>
</h1>
Open source tools and guidelines for sending webhooks easily, securely, and reliably
## Introduction
Webhooks are becoming increasingly popular and are used by many of the world's top companies for sending events to users of their APIs. However, the ecosystem is fragmented, with each webhook provider using different implementations and varying quality. Even high quality implementations vary, making them inherently incompatible. This fragmentation is a pain for the providers and consumers, stifling innovation.
For consumers, this means handling webhooks differently for every provider, relearning how to verify webhooks, and encountering gotchas with bespoke implementations. For providers, this means reinventing the wheel, redesigning for issues that have already been solved (security, forward compatibility, etc.).
We propose a simple solution: standardize webhooks across the industry. This design document outlines our proposal, a set of strict webhook guidelines based on the existing industry best practices. We call it "Standard Webhooks".
We believe "Standard Webhooks" can do for webhooks what JWT did for API authentication. Adopting a common protocol that is consistent and supported by different implementations will solve the above issues, and will enable new tools and innovations in webhook ecosystem.
To achieve this, we have created an open source and community-driven set of tools and guidelines for sending webhooks.
## What are Webhooks?
Webhooks are a common name for HTTP callbacks, and are a way for services to notify each other of events. Webhooks are part of a service's API, though you can think of them as a sort of a "reverse API". When a client wants to make a request to a service they make an API call, and when the service wants to notify the client of an event the service triggers a webhook ("a user has paid", "task has finished", etc.).
Webhooks are server-to-server, in the sense that both the customer and the service in the above description, should be operating HTTP servers, one to receive the API calls and one to receive the webhooks. It's important to note that while webhooks usually co-exist with a traditional API, this is not a requirement, and some services send webhooks without offering a traditional API.
## Read the specification
The latest draft specification can be found at [spec/standard-webhooks.md](./spec/standard-webhooks.md) which tracks the latest commit to the main branch in this repository.
The human-readable markdown file is the source of truth for the specification.
## Reference implementations
There are reference implementations for the signature verification theme for a variety of languages, including:
- [Python](https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/python)
- [JavaScript/TypeScript](https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/javascript)
- [Java/Kotlin](https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/java)
- [Rust](https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/rust)
- [Go](https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/go)
- [Ruby](https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/ruby)
- [PHP](https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/php)
- [C#](https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/csharp)
- [Elixir](https://github.com/standard-webhooks/standard-webhooks/tree/main/libraries/elixir)
## Technical steering committee
The Standard Webhooks initiative, the specification, and development of tooling is driven by the community and guided by the technical steering committee.
Members (in alphabetical order):
* [Brian Cooksey](https://github.com/bcooksey) ([Zapier](https://zapier.com/))
* [Ivan Gracia](https://github.com/igracia) ([Twilio](https://twilio.com/))
* [Jorge Vivas](https://github.com/jorgelob) ([Lob](https://lob.com))
* [Matthew McClure](https://github.com/mmcc) ([Mux](https://mux.com))
* [Nijiko Yonskai](https://github.com/nijikokun) ([ngrok](https://ngrok.com))
* [Stojan Dimitrovski](https://github.com/hf) ([Supabase](https://supabase.com))
* [Tom Hacohen](https://github.com/tasn/) ([Svix](https://www.svix.com))
* [Vincent Le Goff](https://github.com/zekth) ([Kong](https://konghq.com))
## Example ecosystem benefits of Standard Webhooks
We believe "Standard Webhooks" can do to webhooks what JWT did to API authentication. Having a common protocol that is consistent will enable a variety of implementations to interoperate, reducing the development burden on webhook consumers and enabling new uses. Some of these benefits include:
- API Gateway signature verification: signature verification is a common challenge for webhook consumers. Standard Webhooks makes it possible for verification to be implemented directly in the API gateway, easily solving verification for consumers.
- Having a set of libraries for signing and verification make webhook verification easier for scenarios where API gateways can't be used.
- Workflow automation tools (such as Zapier, Make, Workato, and tray.io) can implement the signature verification themselves to ensure a secure integration and save the need for integration builders to reinvent the wheel every time.
- Standard Webhooks will enable building tools to automatically generate SDK for webhook consumers that in addition to verifying the signature can also validate the schemas (using JSON Schema, OpenAPI or AsyncAPI definitions).
- Many more...
## Related efforts
There are a few complementary or partially overlapping efforts to standardize asynchronous event communication. This specification is compatible with the rest of them, and can either reuse existing efforts or benefit further from collaboration with them. The most notable of such efforts are:
- [OpenAPI](https://www.openapis.org/)
- [AsyncAPI](https://www.asyncapi.com/)
- [CloudEvents](https://cloudevents.io/)
- [IETF HTTP Message Signatures](https://httpwg.org/http-extensions/draft-ietf-httpbis-message-signatures.html)
- [REST Hooks](http://resthooks.org/)
- [Webhooks.fyi](https://webhooks.fyi/) - a collection of useful webhooks resources (not a standardization effort).
", Assign "at most 3 tags" to the expected json: {"id":"5780","tags":[]} "only from the tags list I provide: [{"id":77,"name":"3d"},{"id":89,"name":"agent"},{"id":17,"name":"ai"},{"id":54,"name":"algorithm"},{"id":24,"name":"api"},{"id":44,"name":"authentication"},{"id":3,"name":"aws"},{"id":27,"name":"backend"},{"id":60,"name":"benchmark"},{"id":72,"name":"best-practices"},{"id":39,"name":"bitcoin"},{"id":37,"name":"blockchain"},{"id":1,"name":"blog"},{"id":45,"name":"bundler"},{"id":58,"name":"cache"},{"id":21,"name":"chat"},{"id":49,"name":"cicd"},{"id":4,"name":"cli"},{"id":64,"name":"cloud-native"},{"id":48,"name":"cms"},{"id":61,"name":"compiler"},{"id":68,"name":"containerization"},{"id":92,"name":"crm"},{"id":34,"name":"data"},{"id":47,"name":"database"},{"id":8,"name":"declarative-gui "},{"id":9,"name":"deploy-tool"},{"id":53,"name":"desktop-app"},{"id":6,"name":"dev-exp-lib"},{"id":59,"name":"dev-tool"},{"id":13,"name":"ecommerce"},{"id":26,"name":"editor"},{"id":66,"name":"emulator"},{"id":62,"name":"filesystem"},{"id":80,"name":"finance"},{"id":15,"name":"firmware"},{"id":73,"name":"for-fun"},{"id":2,"name":"framework"},{"id":11,"name":"frontend"},{"id":22,"name":"game"},{"id":81,"name":"game-engine "},{"id":23,"name":"graphql"},{"id":84,"name":"gui"},{"id":91,"name":"http"},{"id":5,"name":"http-client"},{"id":51,"name":"iac"},{"id":30,"name":"ide"},{"id":78,"name":"iot"},{"id":40,"name":"json"},{"id":83,"name":"julian"},{"id":38,"name":"k8s"},{"id":31,"name":"language"},{"id":10,"name":"learning-resource"},{"id":33,"name":"lib"},{"id":41,"name":"linter"},{"id":28,"name":"lms"},{"id":16,"name":"logging"},{"id":76,"name":"low-code"},{"id":90,"name":"message-queue"},{"id":42,"name":"mobile-app"},{"id":18,"name":"monitoring"},{"id":36,"name":"networking"},{"id":7,"name":"node-version"},{"id":55,"name":"nosql"},{"id":57,"name":"observability"},{"id":46,"name":"orm"},{"id":52,"name":"os"},{"id":14,"name":"parser"},{"id":74,"name":"react"},{"id":82,"name":"real-time"},{"id":56,"name":"robot"},{"id":65,"name":"runtime"},{"id":32,"name":"sdk"},{"id":71,"name":"search"},{"id":63,"name":"secrets"},{"id":25,"name":"security"},{"id":85,"name":"server"},{"id":86,"name":"serverless"},{"id":70,"name":"storage"},{"id":75,"name":"system-design"},{"id":79,"name":"terminal"},{"id":29,"name":"testing"},{"id":12,"name":"ui"},{"id":50,"name":"ux"},{"id":88,"name":"video"},{"id":20,"name":"web-app"},{"id":35,"name":"web-server"},{"id":43,"name":"webassembly"},{"id":69,"name":"workflow"},{"id":87,"name":"yaml"}]" returns me the "expected json"