Predefined Webhooks

JFrog Platform Administration Documentation

Content Type
Administration / Platform
  1. Navigate to Administration Module | General | Webhooks, if you use the classic navigation.

    If you use the JFrog New Navigation, click Administration on the top bar. Select Platform Management| Webhooks.

  2. Click New Webhook.

  3. Ensure that the Predefined toggle is selected.

  4. Enter the name and description of the webhook.

  5. Enter the URL that the webhook invokes.

    For example:

    Artifactory sends an HTTP POST request to this URL.

  6. Select a proxy server from the list of configured proxy servers in the Use Proxy dropdown if you want to send the webhook through a proxy.

    Applicable only for a self-hosted JFrog Platform installation

  7. Select whether to show the results of the successful execution of the webhooks in the Troubleshooting tab.


    JFrog Cloud: Applicable only if Webhooks troubleshooting is available in your JFrog Cloud instance.

    JFrog Self-hosted: Applicable only if you configured Webhooks Troubleshooting.

  8. Select the events that should trigger the webhook.

    Events drop-down lists the events in Artifactory, Xray, and Distribution that function as the event trigger for the Webhook.

    You can select multiple events from the list.

    You can apply certain events to repositories, builds, and Release Bundles.

    You can apply events such as Artifact was deployed, moved, and added on every repository in Artifactory or on a list of specific repositories, based on a specific list or by using include/exclude patterns.


    If you select any local and/or remote repository, the webhook is applied on all existing repositories and any repositories you create in the future.


    You can apply events such as build was deployed, promoted, and deleted on every new build that is uploaded to Artifactory or on a list of specific builds, based on a specific list or by using include/exclude patterns.


    You can apply Release Bundle and Distribution events on every new Release Bundle or on a list of specific Release Bundles, based on a specific list or by using include/exclude patterns.

    Exclude:Include Patterns in Webhooks Build Page.png
  9. Enter the secret token to authenticate the event with the target service.

  10. Select whether to sign the payload with the secret token.

    The secret token is used to sign the event payload, allowing the target service to validate that the payload content has not been changed and is not passed as part of the event. If not selected, the secret is passed through the X-JFrog-Event-Auth HTTP header.

    Verify Webhook Payload

    To verify the webhook payload, run the following command.

    echo -n '<actual payload>' | openssl sha256 -hmac "<secret>"

    For a valid payload, the result must be the same on both sides.

  11. Add HTTP headers you wish to use to invoke the webhook.

    Click Add Header to add more than one header.

  12. Click Test to test the configuration.

    Sends a fake HTTP request to the target URL and verify that the webhook is working fine.

  13. Click Create to save the webhook configuration.


    By default, private networks are not allowed to be used as Webhook targets for security reasons. If you would like to allow use of a private network, change the URL strict policy configuration in the system.yaml file: urlStrictPolicy: true. See Artifactory System YAML.Artifactory System YAML