concepts / sources

Sources

A source is any system that sends webhooks to Kite. Each source gets a unique relay endpoint URL. Kite verifies the signature, normalizes the payload to a CloudEvent, and delivers it to your listeners.

How sources work

When you register a source, Kite allocates a permanent HTTPS endpoint: https://hooks.getkite.sh/s/<source-id>. Point your provider's webhook settings at that URL. Kite handles the rest:

Receive the inbound HTTP POST from the provider.
Verify the HMAC signature using your stored secret.
Wrap the payload in a CloudEvents v1.0 envelope.
Route the event to all matching listeners and sinks.

$ kite sources create --name my-stripe \
  --type stripe \
  --secret $STRIPE_WEBHOOK_SECRET

The command prints your relay URL. Paste it into your Stripe webhook settings.

Supported sources

Source	Events	Verified
`stripe`	payment_intent., invoice., checkout.*	✓ HMAC
`github`	push, pull_request, issues, workflow_run, …	✓ HMAC
`slack`	message, event_callback, shortcut, …	✓ HMAC
`linear`	Issue, Comment, Project, …	✓ HMAC
`shopify`	orders/create, products/update, …	✓ HMAC
`twilio`	message, call, …	✓ HMAC
`pagerduty`	incident.trigger, incident.resolve, …	✓ HMAC
`http`	any custom HTTP sender	—

Custom HTTP sources

Any system that can send an HTTP POST can be a source. Use --type http for sources without native signature support. Unverified events are still delivered but are flagged in the CloudEvent extension fields:

{
  "kite-verified": "false",
  "kite-source": "http"
}

Your sink can inspect these fields and apply its own trust policy.

GitHub: automated install

For GitHub repos you own, Kite can install the webhook for you via kite github install. It uses your local gh auth token and sets up HMAC verification automatically.

$ kite github install --repo owner/repo \
  --events push,pull_request \
  --forward http://localhost:8080/webhook

Next: Sinks

Sources feed events into sinks — where Kite delivers them. Learn how to forward, filter, and fan out events.