SaaS Factory Is Now Infrastructure: Introducing the Public REST API & Outbound Webhooks
SaaS Factory Is Now Infrastructure: Introducing the Public REST API & Outbound Webhooks
Version 1.0.147
SaaS Factory has always described itself as AI infrastructure for building software products. With today's release, that claim has teeth. We're shipping a public REST API and an outbound webhook system — the two primitives that turn a dashboard into a platform that other tools can build on top of.
The Problem We're Solving
Before this release, every interaction with SaaS Factory required a human in a browser. Want to trigger a pipeline from a GitHub Action? Log into the dashboard. Want to know when a deployment finished so your Slack channel can be notified? Poll the dashboard. Want to wire SaaS Factory into your Zapier or n8n automation? You couldn't.
That's a walled garden, not infrastructure. Competitors in the developer tools space offer CI/CD hooks and event-driven integration as table stakes. This release closes that gap.
The Public REST API
All public endpoints live under /api/v1/ and follow standard REST conventions.
Authentication
Every request must include a bearer token in the Authorization header:
GET /api/v1/features HTTP/1.1
Authorization: Bearer sfk_live_xxxxxxxxxxxxxxxxxxxx
API keys are issued from Dashboard → Settings → Developer → API Keys. Keys are scoped to your workspace and should be treated as secrets — store them in environment variables, never in source code.
Rate Limiting
All public API endpoints are rate-limited. Responses include standard rate-limit headers:
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 87
X-RateLimit-Reset: 1706745600
Requests that exceed the limit receive a 429 Too Many Requests response.
Core Endpoints
| Method | Path | Description |
|---|---|---|
GET | /api/v1/features | List features and their current status |
GET | /api/v1/features/:id | Get a single feature with full detail |
POST | /api/v1/pipelines/trigger | Trigger a development pipeline |
GET | /api/v1/pipelines/:id | Get pipeline run status |
GET | /api/v1/deployments | List recent deployments |
Full endpoint reference is available in the API Reference section.
Outbound Webhooks
Rather than polling the API, subscribe to events and let SaaS Factory push to you.
Registering a Webhook Endpoint
- Go to Dashboard → Settings → Developer → Webhooks
- Click Add Endpoint
- Enter your HTTPS URL and select the event types you want to receive
- Save — SaaS Factory will immediately attempt a verification ping
Event Types
| Event | Fired When |
|---|---|
pipeline.completed | A development pipeline finishes (success or failure) |
feature.discovered | The AI discovery agent surfaces a new feature candidate |
deployment.successful | A release is successfully deployed to production |
Payload Shape
All webhook payloads share a common envelope:
{
"id": "evt_01HXYZ123456",
"type": "pipeline.completed",
"created_at": "2025-01-31T14:23:00Z",
"data": {
"pipeline_id": "pipe_01HABC789",
"status": "success",
"feature_id": "feat_01HDEF456",
"duration_ms": 142300
}
}
Verifying Webhook Signatures
Every outbound request includes an X-SaasFactory-Signature header. Verify it before processing the payload:
import { createHmac } from 'crypto';
function verifyWebhookSignature(
payload: string,
signature: string,
secret: string
): boolean {
const expected = createHmac('sha256', secret)
.update(payload)
.digest('hex');
return `sha256=${expected}` === signature;
}
Your webhook signing secret is displayed once when you register the endpoint. Store it securely.
Delivery & Retries
Webhook delivery runs as an Inngest background function, which means:
- Deliveries are retried automatically on non-2xx responses
- Retry backoff is exponential with jitter
- Failed deliveries are visible in Dashboard → Settings → Developer → Webhooks → Delivery Log
Example Integrations
GitHub Actions: Trigger a Pipeline on Push
- name: Trigger SaaS Factory pipeline
run: |
curl -X POST https://app.saasfactory.ai/api/v1/pipelines/trigger \
-H "Authorization: Bearer ${{ secrets.SAAS_FACTORY_API_KEY }}" \
-H "Content-Type: application/json" \
-d '{"feature_id": "feat_01HDEF456"}'
Slack: Notify on Deployment
Register your Slack incoming webhook URL as a SaaS Factory webhook endpoint subscribed to deployment.successful. No middleware needed — SaaS Factory will POST the event payload directly to Slack's incoming webhook format.
Zapier / n8n
Use the Webhooks trigger in Zapier or n8n and point it at a publicly accessible URL. Register that URL in SaaS Factory and select the events you want. Your automation receives structured JSON for every event.
Getting Started
- Generate an API key — Dashboard → Settings → Developer → API Keys → New Key
- Register a webhook endpoint (optional) — Dashboard → Settings → Developer → Webhooks → Add Endpoint
- Make your first API call —
GET /api/v1/featureswith your bearer token - Verify the signature on incoming webhook payloads using the signing secret
Full API documentation is available at /docs/api-reference.