Developer

Webhooks overview

Public webhooks

Public webhooks let you trigger actions on your compose_run stacks from the outside — typically from a CI/CD pipeline, a cron job, or another integration.

Why?

You push code, your CI builds an image, and you want compose_run to automatically redeploy your production stack. Webhooks provide that entry point.

Authentication

No cookie, no OAuth — authentication is done via an organization API key with the appropriate scope (e.g. deploy).

The API key is passed:

either as a query parameter ?token=...
or as a header token: ...

📌 Create and manage your API keys from the app: Settings → API keys.

Available endpoints

Redeploy a stack

Code
curl -X POST "https://app.composerun.eu/api/webhook/deploy?\
token=YOUR_API_KEY&\
stack_id=STACK_UUID&\
project_id=PROJECT_UUID"

→ See the full API reference for all parameters, response codes and schemas.

GitHub Actions example


Code
- name: Trigger compose_run redeploy
  run: |
    curl -fsSL -X POST \
      -H "token: ${{ secrets.COMPOSERUN_API_KEY }}" \
      "https://app.composerun.eu/api/webhook/deploy?\
stack_id=${{ vars.STACK_ID }}&project_id=${{ vars.PROJECT_ID }}"

Best practices

🔐 Store your API key in your CI's secrets (never plaintext in the repo)
🎯 Use a dedicated API key per environment (prod / staging)
♻️ Rotate API keys regularly
📉 Limit the scope to the minimum required (deploy only when possible)

📝 Page to be completed — GitLab CI examples, cron scripts, error handling.

Last modified on May 3, 2026