Skip to main content
FluxoMail can POST events like email.sent, email.delivered, email.bounced, email.complained, email.opened, and email.clicked to your endpoint.

Configure Webhooks

In the app: Settings → Webhooks
  • Endpoint: public HTTPS URL to receive events
  • Signing secret: used to sign every payload
  • Enabled: toggle delivery on/off
  • Events: choose which event types to receive
Click “Save” and then “Send Test (delivered)” to validate receipt.

Verify Signatures

We sign the raw JSON body with HMAC‑SHA256 using your secret. The signature is sent in the X-Fluxomail-Signature header. Example verifier (Node.js/Express): 
import crypto from 'crypto'

function verifySignature(secret: string, rawBody: string, signature: string) {
  const expected = crypto.createHmac('sha256', secret).update(rawBody).digest('hex')
  return crypto.timingSafeEqual(Buffer.from(expected), Buffer.from(signature))
}

Event Format

{
  "id": "evt_...",
  "type": "email.delivered",
  "created": 1736552340123,
  "organizationId": "org_...",
  "data": {
    "to": "[email protected]",
    "subject": "Hello",
    "messageId": "..."
  }
}

Testing

Use the “Send Test” button in Settings → Webhooks to emit a signed sample event to your endpoint.

Tips

  • Respond with 2xx quickly; process asynchronously when possible.
  • Use retries/backoff on your side if you fan‑out; FluxoMail treats webhooks as a delivery mechanism—your ledger remains the source of truth.