Developer Documentation
Website Scanner
The Tinfoil Web Scanner Webhooks send notifications externally at different points of a scan's lifecycle. You can edit scan webhook settings from your Dashboard.
By default, a JSON payload will be delivered via POST. If the URL ends with '.xml' then an XML payload will be provided instead. The webhook will try to be delivered 5 times with exponential backoff if an HTTP 200 response is not received.
Scan Started Webhook Payload
{
"scan_started_webhook": {
"site": {
"id": "example-site",
"name": "Example Site",
"url": "http://example.com",
"auth_types": [
],
"configuration_add_ons": {
"auto_throttle_disabled": false,
"crawl_robots_txt_disabled": false,
"crawl_sitemap_disabled": false,
"dom_dedupe_disabled": false,
"javascript_enabled": false,
"javascript_customization": null,
"path_customization": null,
"header_customization": null,
"scan_webhooks": null
},
"request_rate": 40,
"schedule": null
},
"scan": {
"id": "se987654321",
"start_time": "2024-04-20 05:55:58 UTC",
"end_time": "2024-04-20 05:56:58 UTC",
"scan_type": "full",
"status": "done"
}
}
}Returns a summary of the site and associated scan as it begins.
Scan Finished Webhook Payload
{
"scan_finished_webhook": {
"site": {
"id": "example-site",
"name": "Example Site",
"url": "http://example.com",
"auth_types": [
],
"configuration_add_ons": {
"auto_throttle_disabled": false,
"crawl_robots_txt_disabled": false,
"crawl_sitemap_disabled": false,
"dom_dedupe_disabled": false,
"javascript_enabled": false,
"javascript_customization": null,
"path_customization": null,
"header_customization": null,
"scan_webhooks": null
},
"request_rate": 40,
"schedule": null
},
"scan": {
"id": "se987654321",
"start_time": "2024-04-20 05:55:58 UTC",
"end_time": "2024-04-20 05:56:58 UTC",
"scan_type": "full",
"status": "done"
}
}
}Returns a summary of the site and associated scan as it is finished or cancelled.