Skip to main content
Webhooks enable real-time data delivery to your server. Instead of polling for updates, receive data as events occur.

Overview

Real-time delivery

Receive events instantly

Push-based

Data sent to your server

Efficient

No polling required

Reliable

Retry and recovery support

Webhook types

TypeDescription
Filtered Stream WebhooksReceive filtered stream Posts via webhook
Account Activity APIReceive account activity events

How webhooks work

┌──────────┐      ┌──────────┐      ┌──────────┐
│ X Event  │  →   │ X Server │  →   │ Your     │
│ Occurs   │      │          │      │ Webhook  │
└──────────┘      └──────────┘      └──────────┘
  1. Event occurs — A user posts, sends a DM, etc.
  2. X sends request — POST request to your webhook URL
  3. You process — Your server handles the event
  4. Respond 200 — Return 200 OK to acknowledge

Webhook requirements

RequirementDescription
HTTPSWebhook URL must use HTTPS
PublicURL must be publicly accessible
Fast responseRespond within 10 seconds
200 OKReturn 200 status to acknowledge

Security

Challenge-Response Check (CRC)

X validates your webhook by sending a CRC request. Respond with an HMAC-SHA256 hash: 
import hmac
import hashlib
import base64

def handle_crc(crc_token, consumer_secret):
    sha256_hash = hmac.new(
        consumer_secret.encode(),
        crc_token.encode(),
        hashlib.sha256
    ).digest()
    
    return {
        "response_token": "sha256=" + base64.b64encode(sha256_hash).decode()
    }

Signature verification

Verify webhook authenticity using the x-twitter-webhooks-signature header.

Getting started

Prerequisites

Filtered Stream Webhooks

Receive filtered Posts via webhook

Account Activity API

Receive account events via webhook