PatchPulse API

Webhooks

Instantly decode game balance changes

Configure Endpoint View Payloads
Configuration

Endpoint Setup

Register a public HTTPS endpoint to receive real-time HTTP POST requests the moment PatchPulse detects a live patch deployment across supported titles.

Navigate to your developer dashboard and select Webhooks → Add Endpoint. Enter a valid URL that accepts JSON payloads. PatchPulse automatically retries failed deliveries using an exponential backoff strategy (2s, 4s, 8s, 16s) up to five attempts. Your server must respond with a 2xx status code within 3 seconds to acknowledge receipt. For local development, use ngrok or Cloudflare Tunnel to expose a secure temporary address.

Once registered, you will receive a unique webhook_id (e.g., wh_8f3a9c2b1d) and a signing secret used for payload verification. Keep this secret strictly server-side and never expose it in client-side code.

Event Types

Notification Payloads

PatchPulse dispatches structured JSON objects categorized by deployment phase. Filter events in your dashboard to receive only the triggers your application requires.

patch.detected

Fires when version strings diverge from the baseline across regional servers. Includes game_id, new_version, region, and a preliminary diff summary.

patch.published

Triggered after official patch notes are scraped and normalized. Contains full stat adjustments, item tier shifts, and developer commentary links.

patch.rolled_back

Sent when a deployment is reverted due to critical client crashes or server instability. Provides the reverted version and incident timestamp.

Example patch.published payload:

{
  "event_id": "evt_7721a9f4",
  "type": "patch.published",
  "timestamp": "2024-11-14T08:32:00Z",
  "data": {
    "game_id": "valorant_2023",
    "version": "8.09",
    "region": "na",
    "changes": [
      {"item": "Phantom", "stat": "damage", "old": "39", "new": "37"},
      {"agent": "Jett", "ability": "Updraft", "old": "60s", "new": "55s"}
    ]
  }
}
Verification

Payload Security

Every webhook request includes cryptographic signatures to guarantee authenticity and protect against replay attacks.

PatchPulse signs each payload using HMAC-SHA256 with your endpoint's signing secret. The signature is transmitted in the X-PatchPulse-Signature header alongside a Unix timestamp in X-PatchPulse-Timestamp. Reconstruct the signed string by concatenating the timestamp and raw body, then verify it matches the header value.

Reject any requests where the timestamp exceeds 5 minutes from your server's current time. Rotate signing secrets via the dashboard without interrupting active deliveries; PatchPulse will temporarily send dual-signed requests during the 24-hour transition window.

Generate New Secret View Integration Guide