Products
Solutions
Pricing
Compare
Resources
Developers
Support
LemonX Developers · Webhooks

Trigger external workflows when LemonX actions happen inside WordPress.

LemonX Webhooks let developers send real-time events from WordPress to external systems. When content is created, an AEO analysis finishes, a translation is queued, an MCP preview is applied, an indexing request is submitted, a report is generated or a license status changes, LemonX can notify your own apps, dashboards and automation tools.

Build event-driven workflows between LemonX, WordPress, CRMs, client portals, agency dashboards, analytics systems, Make, n8n, Zapier-style automations, Slack alerts and internal platforms.

Event-driven · Signed payloads · Retry-aware · Built for WordPress AI automation

What are LemonX Webhooks?

LemonX Webhooks are outbound event notifications sent from a LemonX-powered WordPress site to an external URL. They allow other systems to react when important LemonX actions occur.

Instead of constantly polling the REST API to check whether something changed, your system can receive an event when the change actually happens.

Real-time event delivery

Receive notifications when LemonX workflows create, update, complete, fail or require review.

Works across LemonX products

Webhooks can cover AEO, Code, Verto, MCP, Pro, Cloud Gateway, reports, tasks and content workflows.

Built for automation

Connect LemonX to CRMs, client dashboards, analytics systems, Slack, Make, n8n, internal tools or custom apps.

Secure by design

Webhook payloads should be signed, timestamped and verified before your system trusts them.

Why it matters

Modern WordPress workflows should not wait for manual checking.

AI-powered websites generate many events: new drafts, content previews, SEO analysis, translation tasks, indexing requests, MCP actions, report generation, usage changes and license updates. Without webhooks, external systems must repeatedly ask WordPress if anything changed.

Webhooks reverse that flow. LemonX tells your system when something important happens.

Without Webhooks

  • External systems must poll the API repeatedly.
  • Automations run late or miss changes.
  • Reports require manual refresh.
  • Client dashboards show outdated data.
  • Failed tasks may go unnoticed.
  • Teams rely on manual checking.
  • Complex workflows become harder to maintain.

With LemonX Webhooks

  • External systems react in near real time.
  • Client portals update automatically.
  • Slack alerts can notify teams.
  • Translation completion can trigger review.
  • MCP actions can be logged externally.
  • Reports can be delivered when ready.
  • Automation platforms can start the next step immediately.
Use cases

What can you build with LemonX Webhooks?

Use Case 1

Agency client dashboard

Send events from client WordPress sites to a central agency dashboard whenever content, SEO, translation, report or MCP activity changes.

Example Events
  • content.updated
  • aeo.analysis_completed
  • verto.translation_completed
  • mcp.action_completed
  • report.generated
  • license.status_changed

Result: Your agency dashboard stays updated without constantly polling each client website.

Use Case 2

Slack or team notifications

Notify your team when important workflows finish, fail or require attention.

Example Events
  • task.failed
  • translation.review_required
  • mcp.preview_created
  • indexing.submitted
  • report.generated
  • quota.warning

Result: Teams can act faster when AI, translation, indexing or report workflows need review.

Use Case 3

Content approval workflow

Trigger an external approval system when AI creates a draft, proposes an update or generates a preview.

Example Events
  • content.draft_created
  • content.preview_created
  • mcp.preview_created
  • seo.preview_created
  • translation.preview_created

Result: Editors, clients or managers can review AI-generated changes before they are applied.

Use Case 4

Multilingual publishing workflow

Send events when translations are queued, completed, failed or ready for human review.

Example Events
  • verto.translation_queued
  • verto.translation_completed
  • verto.translation_failed
  • verto.translation_review_required
  • verto.seo_fields_generated

Result: Global content teams can coordinate multilingual publishing across languages and regions.

Use Case 5

AI activity audit logging

Send MCP tool calls, applied previews and AI-driven changes to an external audit or security system.

Example Events
  • mcp.tool_called
  • mcp.preview_created
  • mcp.preview_applied
  • mcp.action_failed
  • mcp.session_connected
  • mcp.session_revoked

Result: Developers and security teams can track what AI agents did inside WordPress.

Use Case 6

Search and indexing automation

Notify external systems when AEO analysis completes, indexing requests are submitted or search reports are generated.

Example Events
  • aeo.analysis_completed
  • aeo.opportunity_detected
  • aeo.indexing_submitted
  • aeo.schema_generated
  • aeo.report_generated

Result: SEO teams can connect LemonX activity with reporting, project management and campaign tracking tools.

Use Case 7

License and usage monitoring

Send license, entitlement, quota and usage events to account dashboards or billing-related systems.

Example Events
  • license.activated
  • license.expired
  • license.status_changed
  • entitlement.updated
  • usage.quota_warning
  • usage.quota_exceeded

Result: Teams can monitor account access, plan limits and premium feature availability across sites.

Event categories

Webhook events across the LemonX Suite.

LemonX Webhooks should follow the same product structure as the LemonX ecosystem. Each product can emit events related to its own workflows, while shared system events handle tasks, reports, licenses, usage and security.

Category 1

Content Events

Events for posts, pages, drafts and content updates.

Content events notify external systems when WordPress content changes through LemonX workflows.

Example Events
  • content.draft_created
  • content.created
  • content.updated
  • content.preview_created
  • content.preview_applied
  • content.published
  • content.status_changed
  • content.deleted
  • content.migration_preview_created
  • content.migration_completed
Example Use Cases
  • Update a client dashboard when a draft is created.
  • Notify an editor when AI generates a content preview.
  • Trigger QA when a page migration finishes.
  • Send published content to an external marketing system.
  • Log important content changes outside WordPress.
Category 2

LemonX AEO Events

Events for SEO, AEO, AI visibility and indexing workflows.

AEO events notify external systems when search optimization workflows produce new results, recommendations or actions.

Example Events
  • aeo.analysis_started
  • aeo.analysis_completed
  • aeo.analysis_failed
  • aeo.opportunity_detected
  • aeo.schema_generated
  • aeo.internal_links_suggested
  • aeo.indexing_queued
  • aeo.indexing_submitted
  • aeo.indexing_failed
  • aeo.report_generated
  • aeo.citation_detected
  • aeo.brand_mention_detected
Example Use Cases
  • Send SEO opportunities into a project management tool.
  • Notify a team after an AEO audit completes.
  • Update a dashboard when indexing is submitted.
  • Trigger a report when a citation is detected.
  • Record SEO actions in a client activity timeline.
Category 3

LemonX Code Events

Events for AI page generation, templates, OCR and migration workflows.

Code events notify external systems when AI-generated content, page structures, templates or migration tasks are created or updated.

Example Events
  • code.page_generation_started
  • code.page_generation_completed
  • code.page_generation_failed
  • code.section_generated
  • code.template_applied
  • code.knowledge_query_completed
  • code.ocr_started
  • code.ocr_completed
  • code.ocr_failed
  • code.migration_preview_created
  • code.migration_completed
Example Use Cases
  • Notify a team when a landing page draft is ready.
  • Send page generation results to an agency dashboard.
  • Trigger review after OCR processing.
  • Log migration workflows.
  • Create tasks when generated pages need approval.
Category 4

LemonX Verto Events

Events for translation and multilingual SEO workflows.

Verto events notify external systems when content enters translation, translation completes, review is needed or multilingual SEO fields are generated.

Example Events
  • verto.translation_queued
  • verto.translation_started
  • verto.translation_completed
  • verto.translation_failed
  • verto.translation_review_required
  • verto.translation_applied
  • verto.language_added
  • verto.language_disabled
  • verto.slug_translated
  • verto.hreflang_updated
  • verto.seo_fields_generated
  • verto.report_generated
Example Use Cases
  • Notify translators when review is required.
  • Trigger a multilingual QA checklist.
  • Update client dashboard language coverage.
  • Send translated content status to an external system.
  • Submit translated URLs for indexing after approval.
Category 5

LemonX MCP Events

Events for AI agent sessions, tool calls, previews and applied actions.

MCP events notify external systems when AI clients connect, call tools, create previews, apply changes or encounter errors.

Example Events
  • mcp.session_connected
  • mcp.session_disconnected
  • mcp.session_revoked
  • mcp.tool_called
  • mcp.tool_failed
  • mcp.preview_created
  • mcp.preview_applied
  • mcp.preview_discarded
  • mcp.permission_denied
  • mcp.action_completed
  • mcp.action_failed
  • mcp.log_created
Example Use Cases
  • Send MCP activity to a security log.
  • Notify a site owner when AI applies a change.
  • Track which AI client performed an action.
  • Build an external approval timeline.
  • Monitor failed AI tool calls.
  • Alert admins when permissions deny a sensitive action.
Category 6

LemonX Pro & Cloud Gateway Events

Events for license, entitlement, usage and cloud-connected workflows.

Pro and Cloud Gateway events notify external systems when account-level, license-level or cloud-connected states change.

Example Events
  • license.activated
  • license.deactivated
  • license.expired
  • license.renewed
  • license.status_changed
  • entitlement.updated
  • cloud.connected
  • cloud.disconnected
  • cloud.sync_completed
  • cloud.sync_failed
  • usage.recorded
  • usage.quota_warning
  • usage.quota_exceeded
  • update.available
  • update.installed
Example Use Cases
  • Update account dashboards.
  • Notify site owners when licenses expire.
  • Warn agencies before usage limits are reached.
  • Track cloud sync problems.
  • Log premium feature usage.
  • Trigger internal billing or account workflows.
Category 7

Report Events

Events for generated reports and exports.

Report events notify external systems when LemonX generates, updates or exports reports.

Example Events
  • report.created
  • report.generated
  • report.failed
  • report.exported
  • report.sent
  • report.archived
  • report.scheduled
Example Use Cases
  • Send generated reports to client portals.
  • Notify account managers when reports are ready.
  • Store report exports in external systems.
  • Trigger email delivery.
  • Create recurring agency reporting workflows.
Category 8

Task & Queue Events

Events for long-running background jobs.

Task events help developers track workflows that may take time, such as translation, AI generation, OCR, indexing, reports, migration and cloud sync.

Example Events
  • task.created
  • task.started
  • task.completed
  • task.failed
  • task.cancelled
  • queue.paused
  • queue.resumed
  • queue.backlog_warning
  • queue.completed
Example Use Cases
  • Monitor long-running AI jobs.
  • Notify admins about failed background tasks.
  • Trigger retry workflows.
  • Display queue status in external dashboards.
  • Detect hosting or performance issues.
Category 9

Security Events

Events for sensitive actions and access changes.

Security events notify external systems when authentication, permission, API key, webhook or MCP access changes.

Example Events
  • security.api_key_created
  • security.api_key_revoked
  • security.permission_changed
  • security.login_required
  • security.invalid_signature
  • security.webhook_failed
  • security.mcp_access_changed
  • security.protected_resource_blocked
Example Use Cases
  • Send sensitive events to a security monitoring tool.
  • Alert admins when API keys are created.
  • Track revoked MCP sessions.
  • Log failed webhook signature checks.
  • Monitor changes to AI tool permissions.
Payload structure

A clear payload makes webhooks easy to process.

Webhook payloads should be predictable, structured and easy for external systems to parse. Each event should include event type, delivery ID, timestamp, site identity, resource data and event-specific details.

Example Payload

{
  "event": "mcp.preview_applied",
  "delivery_id": "lx_delivery_123456",
  "created_at": "2026-07-04T10:00:00Z",
  "site": {
    "id": "site_abc123",
    "url": "https://example.com",
    "name": "Example WordPress Site"
  },
  "actor": {
    "type": "user",
    "id": 12,
    "role": "administrator"
  },
  "source": {
    "product": "mcp",
    "client": "claude_desktop",
    "tool": "preview_apply"
  },
  "resource": {
    "type": "page",
    "id": 245,
    "url": "https://example.com/services",
    "title": "Services"
  },
  "data": {
    "preview_id": "lx_preview_789",
    "action": "content_update",
    "status": "applied"
  }
}

Recommended Payload Fields

eventdelivery_idcreated_atsiteactorsourceresourcedataapi_versionsignature_contextretry_counttest_mode
Headers

Use headers to verify and process deliveries.

Recommended Headers

X-LemonX-Event: mcp.preview_applied
X-LemonX-Delivery: lx_delivery_123456
X-LemonX-Timestamp: 1783178400
X-LemonX-Signature: sha256=...
X-LemonX-Site: site_abc123
X-LemonX-Version: 1
User-Agent: LemonX-Webhooks/1.0

Header Details

X-LemonX-Event

The event type, such as content.updated or verto.translation_completed.

X-LemonX-Delivery

A unique ID for this delivery attempt. Use it for deduplication and debugging.

X-LemonX-Timestamp

The time the webhook was sent. Use it to prevent replay attacks.

X-LemonX-Signature

A signature generated using the webhook secret. Verify it before trusting the payload.

X-LemonX-Site

The site identity associated with the event.

X-LemonX-Version

The webhook payload version.

Webhook security

Never trust a webhook until you verify it.

A webhook endpoint is a public URL that receives data from LemonX. Because public URLs can receive requests from anyone, your system should verify every delivery before processing it.

Requirement 1

Use HTTPS

Webhook endpoints should use HTTPS. Do not send sensitive event data to plain HTTP endpoints.

Requirement 2

Verify signatures

Each webhook should include a signature generated with a shared secret. Your system should recreate the signature and compare it securely.

Requirement 3

Check timestamp freshness

Reject webhook deliveries with old timestamps to reduce replay attack risk.

Requirement 4

Deduplicate delivery IDs

Store processed delivery IDs so repeated attempts do not trigger duplicate actions.

Requirement 5

Validate event type

Only process event types your system expects.

Requirement 6

Validate payload schema

Do not assume every payload is valid. Check required fields before processing.

Requirement 7

Protect your endpoint

Rate limit webhook endpoints, reject invalid signatures and log suspicious requests.

Verification

Example webhook signature verification.

The exact implementation may vary, but the general pattern is the same: combine timestamp and raw payload, generate an HMAC signature using the shared secret, then compare it to the signature header.

Example Logic

signed_payload = timestamp + "." + raw_body
expected_signature = HMAC_SHA256(webhook_secret, signed_payload)
compare expected_signature with X-LemonX-Signature

Example PHP Verification

function verify_lemonx_webhook( $raw_body, $timestamp, $signature_header, $secret ) {
    if ( empty( $raw_body ) || empty( $timestamp ) || empty( $signature_header ) || empty( $secret ) ) {
        return false;
    }

    $tolerance = 300;
    if ( abs( time() - (int) $timestamp ) > $tolerance ) {
        return false;
    }

    $signed_payload = $timestamp . '.' . $raw_body;
    $expected = 'sha256=' . hash_hmac( 'sha256', $signed_payload, $secret );

    return hash_equals( $expected, $signature_header );
}
Important Note: Always verify the signature against the raw request body, not a re-encoded JSON version. Re-encoding JSON may change whitespace or ordering and cause signature mismatches.
Delivery lifecycle

What happens when a webhook is triggered?

1

Event occurs

A LemonX workflow produces an event such as translation completed, MCP preview applied or report generated.

2

Webhook subscription matches

LemonX checks which webhook endpoints are subscribed to that event type.

3

Payload is created

LemonX builds a structured JSON payload with event details.

4

Signature is generated

LemonX signs the payload using the webhook secret.

5

Event is delivered

LemonX sends an HTTP POST request to the configured endpoint.

6

Receiver verifies request

Your system checks signature, timestamp, event type and payload structure.

7

Receiver returns status

Your endpoint returns a 2xx response if the event was accepted.

8

Retry if needed

If delivery fails, LemonX may retry according to retry rules.

9

Delivery is logged

LemonX stores delivery status for debugging and visibility.

Retries

Webhook delivery should handle temporary failures.

Webhook endpoints can fail for many reasons: network issues, downtime, rate limits, deployment windows or temporary errors. LemonX should support retry behavior for failed deliveries.

Recommended Retry Rules

  • Retry on 5xx responses.
  • Retry on connection timeouts.
  • Retry on temporary network failures.
  • Do not retry on most 4xx responses.
  • Use exponential backoff.
  • Limit maximum retry attempts.
  • Store delivery attempt history.
  • Allow manual resend from the admin UI.

Example Retry Schedule

  • Attempt 1: immediate
  • Attempt 2: after 1 minute
  • Attempt 3: after 5 minutes
  • Attempt 4: after 15 minutes
  • Attempt 5: after 1 hour
  • Attempt 6: after 6 hours

Endpoint Response Recommendation

  • Return 2xx only after your system has accepted the event.
  • Return 4xx when the request is invalid and should not be retried.
  • Return 5xx when the request should be retried later.
Webhook management

Developers need clear controls for webhook endpoints.

LemonX should provide a way to create, test, disable, delete and inspect webhooks. This can be available through the WordPress admin UI, REST API or Cloud Gateway depending on the product configuration.

Recommended Webhook Fields

NameEndpoint URLSubscribed eventsSecretStatusCreated byCreated dateLast deliveryLast successLast failureRetry countDescriptionTest modeEnvironmentAllowed products

Webhook Actions

  • Create webhook
  • Update webhook
  • Disable webhook
  • Delete webhook
  • Rotate secret
  • Send test event
  • Resend failed delivery
  • View delivery history
  • Filter events
  • Enable test mode
REST API

Manage webhooks programmatically.

Developers can use REST API endpoints to register and manage webhooks. These endpoint names are examples and should match the final LemonX implementation.

GET    /wp-json/lemonx/v1/webhooks
POST   /wp-json/lemonx/v1/webhooks
GET    /wp-json/lemonx/v1/webhooks/{id}
PATCH  /wp-json/lemonx/v1/webhooks/{id}
DELETE /wp-json/lemonx/v1/webhooks/{id}
POST   /wp-json/lemonx/v1/webhooks/{id}/test
POST   /wp-json/lemonx/v1/webhooks/{id}/rotate-secret
GET    /wp-json/lemonx/v1/webhooks/{id}/deliveries
POST   /wp-json/lemonx/v1/webhooks/deliveries/{delivery_id}/resend

Example Create Request

{
  "name": "Agency Dashboard",
  "url": "https://agency.example.com/lemonx/webhook",
  "events": [
    "content.updated",
    "aeo.analysis_completed",
    "verto.translation_completed",
    "mcp.preview_applied",
    "report.generated"
  ],
  "status": "active"
}

Example Create Response

{
  "success": true,
  "data": {
    "id": "wh_123",
    "name": "Agency Dashboard",
    "url": "https://agency.example.com/lemonx/webhook",
    "status": "active",
    "events": [
      "content.updated",
      "aeo.analysis_completed",
      "verto.translation_completed",
      "mcp.preview_applied",
      "report.generated"
    ],
    "secret_preview": "whsec_****abcd"
  }
}
Example handler

A simple PHP webhook receiver.

Filtering

Subscribe only to events your system needs.

A busy WordPress site can produce many events. Developers should avoid sending every possible event to every endpoint. Instead, create focused webhook subscriptions.

Agency dashboard webhook

content.updatedaeo.analysis_completedverto.translation_completedreport.generatedlicense.status_changed

Security audit webhook

mcp.tool_calledmcp.preview_appliedsecurity.api_key_createdsecurity.permission_changedsecurity.webhook_failed

Translation workflow webhook

verto.translation_queuedverto.translation_completedverto.translation_failedverto.translation_review_required

Reporting webhook

report.generatedreport.exportedreport.failedtask.failed

Usage monitoring webhook

usage.recordedusage.quota_warningusage.quota_exceededlicense.expiredentitlement.updated
Testing

Test before relying on webhook automation.

1

Create a test endpoint

Use a staging endpoint or webhook inspection tool during development.

2

Send a test event

Use the LemonX webhook test action to send a sample payload.

3

Verify signature logic

Make sure your receiver correctly verifies timestamp and signature.

4

Test retries

Return a temporary 500 response and confirm retry behavior.

5

Test duplicate deliveries

Send the same delivery ID twice and confirm your system does not process it twice.

6

Test event filtering

Confirm your endpoint receives only the events it subscribed to.

7

Test production secrets

Use separate webhook secrets for staging and production.

Automation platforms

Connect LemonX with Make, n8n, Zapier-style workflows and internal systems.

Webhooks make it possible to connect LemonX workflows with automation platforms. When a LemonX event occurs, the automation platform can receive the payload and trigger the next step.

Example Automation 1: Translation completed → Notify reviewer

  1. LemonX sends verto.translation_completed.
  2. Automation sends Slack message to translator.
  3. Reviewer checks translated page.
  4. Approval task is created.

Example Automation 2: AEO opportunity detected → Create project task

  1. LemonX sends aeo.opportunity_detected.
  2. Automation creates task in project management system.
  3. SEO team reviews opportunity.
  4. Content update is scheduled.

Example Automation 3: MCP preview applied → Log to audit sheet

  1. LemonX sends mcp.preview_applied.
  2. Automation adds row to external audit database.
  3. Manager can review AI-applied changes.

Example Automation 4: Report generated → Send client email

  1. LemonX sends report.generated.
  2. Automation fetches report or uses payload data.
  3. Client email is prepared or sent.

Example Automation 5: Quota warning → Notify account owner

  1. LemonX sends usage.quota_warning.
  2. Automation alerts account owner.
  3. Team decides whether to upgrade or reduce usage.
Best practices

Build reliable webhook integrations.

Best Practice 1: Verify every webhook

Do not process unsigned or invalid webhook requests.

Best Practice 2: Use idempotency

Webhook deliveries may be retried. Use delivery IDs to prevent duplicate processing.

Best Practice 3: Respond quickly

Return a response as soon as possible. For slow work, queue the job in your own system.

Best Practice 4: Subscribe narrowly

Only subscribe to events your endpoint needs.

Best Practice 5: Store delivery logs

Keep a record of delivery IDs, event types, timestamps and processing status.

Best Practice 6: Separate staging and production

Use different endpoints and secrets for different environments.

Best Practice 7: Rotate secrets

Rotate webhook secrets when team members change or if a secret may be exposed.

Best Practice 8: Handle unknown events gracefully

Your system should not break when LemonX adds new event types.

Best Practice 9: Do not trust payload alone

Verify signature, timestamp, event type and required fields.

Best Practice 10: Use REST API for follow-up details

Webhook payloads should contain enough information to react. If your system needs full details, use the REST API to fetch the latest resource state.

Common webhook integration mistakes.

Not verifying signaturesThis allows anyone to send fake events to your endpoint.
Processing duplicate deliveriesRetries can cause duplicate actions if you do not store delivery IDs.
Doing slow work inside the webhook requestLong processing can cause timeouts. Queue slow tasks and respond quickly.
Subscribing to every eventToo many unnecessary events create noise and increase failure risk.
Using the same secret everywhereStaging, production and different systems should use separate secrets.
Ignoring failed deliveriesFailed deliveries should be visible and retryable.
Treating webhooks as guaranteed orderEvents may arrive out of order. Use timestamps and resource state checks.
Not validating payload versionsWebhook formats may evolve. Check version fields and handle changes gracefully.
Webhooks vs REST API

Use webhooks to react. Use REST API to request.

REST API

Your system asks LemonX for data or triggers an action.

Best for

  • Fetching reports
  • Creating drafts
  • Checking license state
  • Submitting URLs
  • Reading task status
  • Managing webhook settings
  • Building dashboards

Webhooks

LemonX tells your system when something happens.

Best for

  • Reacting to events
  • Sending alerts
  • Updating dashboards
  • Starting automations
  • Logging AI actions
  • Triggering external review
  • Syncing state after changes

Summary: REST API is request-based. Webhooks are event-based. Most serious integrations should use both.

MCP events

MCP actions become more useful when they are observable.

When AI agents operate WordPress through LemonX MCP, webhooks can make those actions visible to external systems.

Example MCP Webhook Flow

  1. Claude connects to WordPress through MCP.
  2. AI reads a landing page.
  3. AI creates a preview update.
  4. User approves the update.
  5. LemonX applies the update.
  6. Webhook sends mcp.preview_applied to external audit system.
  7. Agency dashboard records the change.

Why it matters: AI actions should not disappear into the background. Webhooks make MCP workflows observable, auditable and easier to coordinate with human teams.

Event reference

Suggested event naming convention.

Pattern

product.resource_action

Examples

content.draft_created
content.updated
aeo.analysis_completed
verto.translation_completed
mcp.preview_applied
report.generated
license.status_changed
usage.quota_warning
security.api_key_revoked

Naming Guidelines

  • Use lowercase.
  • Use dots to separate product and action.
  • Use past-tense actions for completed events.
  • Use clear names that describe what happened.
  • Keep event names stable across versions.
  • Avoid overloading one event with too many meanings.
Error handling

Make failed deliveries easy to debug.

StatusMeaningRecommended Action
pendingDelivery has not been attempted yetWait
deliveredEndpoint returned 2xxNo action needed
retryingDelivery failed and will retryCheck endpoint logs
failedDelivery failed after all attemptsResend manually or fix endpoint
disabledWebhook endpoint was disabledReview configuration
signature_failedReceiver rejected signatureCheck secret
timeoutEndpoint did not respond in timeRespond faster or queue work
invalid_urlEndpoint URL is invalidFix URL
rate_limitedEndpoint rejected too many requestsReduce event volume

Recommended Debug Fields

Delivery IDEvent typeEndpoint URLHTTP statusAttempt countLast errorNext retry timePayload previewCreated timeLast attempted time
Privacy

Send only the event data your integration needs.

Webhook payloads should include enough data to identify and process the event, but they should avoid sending unnecessary sensitive information.

Recommended Payload Strategy

  • Include IDs and URLs when possible.
  • Include summaries instead of full content unless required.
  • Use REST API follow-up calls for full resource details.
  • Avoid sending private API keys.
  • Avoid sending passwords or secrets.
  • Avoid sending unrelated user data.
  • Respect site privacy settings.
  • Allow admins to choose which events are sent.
Example: For content.updated, a webhook may send the content ID, title, URL, status and update type. If the external system needs the full content body, it can call the REST API with proper authentication.

Build event-driven workflows around LemonX.

Use webhooks to connect WordPress AI actions, SEO workflows, translation progress, MCP activity, reports and cloud events with your own tools and automation systems.

Webhooks FAQ

What are LemonX Webhooks?
LemonX Webhooks are event notifications sent from WordPress to external systems when LemonX workflows create, update, complete, fail or require review.
When should I use webhooks instead of REST API polling?
Use webhooks when your system needs to react when something happens. Use REST API polling only when event delivery is not available or when you need to fetch current state on demand.
Are webhook payloads signed?
They should be signed with a shared secret so receiving systems can verify that the event came from LemonX.
Can I subscribe to only some events?
Yes. Webhook subscriptions should allow you to select specific event types.
What happens if my endpoint is down?
LemonX should retry failed deliveries according to retry rules and show delivery history for debugging.
Can I resend a failed webhook?
A webhook management UI or API should allow failed deliveries to be resent.
Can webhooks be used with MCP?
Yes. MCP events can notify external systems when AI tools are called, previews are created, previews are applied or actions fail.
Can webhooks trigger Make or n8n workflows?
Yes. Webhooks are a natural way to connect LemonX with automation platforms such as Make, n8n or custom workflow systems.
Should webhook endpoints return data?
Usually no. Webhook endpoints should acknowledge receipt quickly. If more work is needed, queue it in your own system.
Can webhooks include full content?
They can, but it is often better to send resource IDs and summary data, then use the REST API to fetch full details when needed.

Let your systems react when WordPress changes.

LemonX Webhooks turn AI, SEO, translation, MCP and cloud workflows into events your external systems can understand and act on.