Shutdown notice: Errorception is shutting down on 30th June. Read more.


Get your errors into your monitoring apps, in realtime!

If your monitoring app is a publicly available service, or uses an open protocol, Errorception will host and manage your integration for you. Read the service hooks docs.

Whenever an error occurs, Errorception can make an HTTP POST to any URL you choose, with the error data in the HTTP POST payload. You can specify this URL in your Settings > Service Hooks > WebHooks. You can specify if the URL should be called every time an error occurs, or only the first time.

Receiving a WebHook call

You will need to have a publicly accessible web server running at the URL you've specified in your settings. Errors will be posted to your server as they occur, in near-real-time. The Content-Type of the POST will be application/json, and will contain a JSON-encoded POST body similar to the following.

  "isInline": true,
  "message": "\"_WidgetManager\" is undefined",
  "userAgent": "Mozilla/5.0 (Linux; U; Android 4.1.2; en-us; GT-I9100G Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30",
  "when": "after",
  "scriptPath": null,
  "page": "",
  "date": "2012-11-12T15:31:02.576Z",
  "isFirstOccurrence": true,
  "webUrl": "",
  "apiUrl": ""

Most of the fields in the JSON above are self-explanatory. If isInline is true, scriptPath will be null. isFirstOccurrence indicates if the error has occurred for the very first time. webUrl is a link to the error, and apiUrl can be used to fetch details about the error using the HTTP API.

Validating the request

Since the WebHook URL you've created will likely be open to the Internet, anyone will be able to make hits to it. To ensure that you only process POSTs from Errorception, you can perform a little check to ensure that you aren't being tricked.

Whenever you create a WebHook, Errorception creates a secret key for you, which you can see in the settings page itself. Do not share this secret key with anyone!

When Errorception makes a POST to your WebHook URL, it sends a X-Signature HTTP header. You can then perform the following computation:

sha1(yourSecret + error.message +;

error.message and are the strings from the POST you'll have received, and sha1 above is assumed to be a function that generates a sha1 hash. The result of this computation should be equal to the value of the X-Signature header. Since the secret is only known to you, no one else will be able to generate a matching hash.