Webhook Events
AVIEL sends structured JSON payloads to your registered webhook endpoint. All events share a common envelope with an event type field and a data object specific to that event type.
Delivery: at-least-once with exponential backoff retry (1s, 5s, 30s, 5m, 30m). Your endpoint must return 2xx within 10 seconds to acknowledge receipt.
Event types
intercept.triggered
Honeybot has entered the conversation
{
"event": "intercept.triggered",
"timestamp": "2025-09-14T14:32:07Z",
"data": {
"intercept_id": "int_9b4c1e...",
"customer_id": "cust_8f3a2d...",
"channel": "sms",
"scam_type_detected": "investment_impersonation"
}
}
intercept.stall_confirmed
Scammer is actively engaged — stall duration confirmed
{
"event": "intercept.stall_confirmed",
"timestamp": "2025-09-14T18:44:21Z",
"data": {
"intercept_id": "int_9b4c1e...",
"stall_duration_minutes": 252,
"scammer_message_count": 17
}
}
fingerprint.created
New scammer fingerprint generated from intercept data
{
"event": "fingerprint.created",
"timestamp": "2025-09-14T18:44:22Z",
"data": {
"fingerprint_id": "fp_9b4c1e...",
"intercept_id": "int_9b4c1e...",
"device_hash": "a8f3d2e1...",
"confidence": "high"
}
}
alert.fraud_ops
Fraud ops alert ready for queue — full profile attached
{
"event": "alert.fraud_ops",
"timestamp": "2025-09-14T18:44:23Z",
"data": {
"alert_id": "alrt_3f7d9b...",
"intercept_id": "int_9b4c1e...",
"fingerprint_id": "fp_9b4c1e...",
"recommendation": "block_transfer",
"priority": "high"
}
}
payment.protected
Transfer flagged — fraud ops reviewed and blocked
{
"event": "payment.protected",
"timestamp": "2025-09-14T19:02:45Z",
"data": {
"intercept_id": "int_9b4c1e...",
"customer_id": "cust_8f3a2d...",
"resolution": "transfer_blocked",
"total_stall_minutes": 270
}
}
Signature verification
All webhook deliveries include an X-AVIEL-Signature header containing an HMAC-SHA256 signature of the raw request body. Verify it against your webhook signing secret (available in your dashboard) to confirm authenticity.