Should webhook URLs be optional?



My initial experience with GitHub Integrations was from the perspective of someone looking to migrate an internal corporate service off the personal OAuth token flow. The service in question does not serve HTTP and does not need to respond to events. Integrations are appealing because they allow us to decouple the availability of our GitHub-integrated services from the availability of privileged staff identities and credentials. (Service accounts were never particularly appealing, partly because managing shared access to MFA tokens can be a bit of a faff.)

I expect our Integrations will always be private to our Organization. Installation events are therefore of little use.

When setting up my first Integration, I was surprised that the form required a webhook URL. It is not possible to register a new Integration without one. I ended up mashing in a load of rubbish to appease the form validator. The resulting Installation worked just fine. Though, it is a bit confusing to see a populated webhook URL in the Integration’s configuration.

Would it make sense to permit an empty webhook URL for private Integrations that are not scoped for events?


If you don’t like errors in the log, you can set it to

(can’t believe I’ve actually found a use for /dev/null as a service…)


:wave: @saj,

Thanks for this request and for explaining the use case. This is something we’ll take into consideration to add in the future. We’ll leave this thread open as we’re curious if others have the same needs.


I have an integration that doesn’t run an HTTP server. Right now, its webhook URL is pointed at DevNullAsAService. It publishes stuff to a gh_pages branch.

(on an unrelated note, GitHub isn’t republishing the page when the integration pushes to it; I assume there’s a work queue somewhere that isn’t getting the message)