Agent Skill · Hookdeck

deepgram-webhooks

Receive and verify Deepgram webhooks (callbacks). Use when setting up Deepgram webhook handlers, processing transcription callbacks, or handling asynchronous transcription results.

View SKILL.md on GitHub → Source repository Provider profile

Provider: Hookdeck Path in repo: skills/deepgram-webhooks/SKILL.md

Skill body

Deepgram Webhooks

When to Use This Skill

Setting up Deepgram callback handlers for transcription results
Processing asynchronous transcription results from Deepgram
Implementing webhook authentication for Deepgram callbacks
Handling transcription completion events

Essential Code

Deepgram webhooks (callbacks) are used to receive transcription results asynchronously. When you provide a callback URL in your transcription request, Deepgram immediately responds with a request_id and sends the transcription results to your callback URL when processing is complete.

Basic Webhook Handler

// Express.js example
app.post('/webhooks/deepgram', express.raw({ type: 'application/json' }), (req, res) => {
  // Verify webhook authenticity using dg-token header
  const dgToken = req.headers['dg-token'];

  if (!dgToken) {
    return res.status(401).send('Missing dg-token header');
  }

  // Verify the token matches your expected API Key Identifier
  // The dg-token contains the API Key Identifier used in the original request
  if (dgToken !== process.env.DEEPGRAM_API_KEY_ID) {
    return res.status(403).send('Invalid dg-token');
  }

  // Parse the transcription result
  const transcriptionResult = JSON.parse(req.body.toString());

  // Process the transcription
  console.log('Received transcription:', transcriptionResult);

  // Return success to prevent retries
  res.status(200).send('OK');
});

Authentication Methods

Deepgram supports two authentication methods for webhooks:

dg-token Header: Automatically included, contains the API Key Identifier
Basic Auth: Embed credentials in the callback URL

// Using dg-token header (recommended)
const verifyDgToken = (req, res, next) => {
  const dgToken = req.headers['dg-token'];

  if (!dgToken || dgToken !== process.env.DEEPGRAM_API_KEY_ID) {
    return res.status(403).send('Invalid authentication');
  }

  next();
};

// Basic Auth in callback URL
// https://username:[email protected]/webhooks/deepgram

Making a Request with Callback

curl \
  --request POST \
  --header 'Authorization: Token YOUR_DEEPGRAM_API_KEY' \
  --header 'Content-Type: audio/wav' \
  --data-binary @audio.wav \
  --url 'https://api.deepgram.com/v1/listen?callback=https://your-domain.com/webhooks/deepgram'

Common Event Types

Deepgram sends transcription results as webhook payloads. The structure varies based on the features enabled in your request:

Field	Description	Always Present
`request_id`	Unique identifier for the transcription request	Yes
`created`	Timestamp when transcription was created	Yes
`duration`	Length of the audio in seconds	Yes
`channels`	Number of audio channels	Yes
`results`	Transcription results by channel	Yes
`results.channels[].alternatives`	Transcription alternatives	Yes
`results.channels[].alternatives[].transcript`	The transcribed text	Yes
`results.channels[].alternatives[].confidence`	Confidence score (0-1)	Yes

Environment Variables

# Your Deepgram API Key (for making requests)
DEEPGRAM_API_KEY=your_api_key_here

# API Key Identifier (shown in Deepgram console, used to verify dg-token)
# Note: This is NOT your API Key secret - it's a unique identifier shown
# in the Deepgram console that identifies which API key was used for a request
DEEPGRAM_API_KEY_ID=your_api_key_id_here

# Your webhook endpoint URL
WEBHOOK_URL=https://your-domain.com/webhooks/deepgram

Local Development

For local webhook testing, install Hookdeck CLI:

# Create a local tunnel (no account required)
npx hookdeck-cli listen 3000 deepgram --path /webhooks/deepgram

# Use the provided URL as your callback URL when making Deepgram requests

This provides:

Local tunnel URL for testing
Web UI for inspecting webhook payloads
Request history and debugging tools

Important Notes

Retry Behavior

Deepgram retries failed callbacks (non-200-299 status) up to 10 times
30-second delay between retry attempts
Always return 200-299 status for successfully processed webhooks

Port Restrictions

Only ports 80, 443, 8080, and 8443 are allowed for callbacks
Ensure your webhook endpoint uses one of these ports

No Signature Verification

Deepgram uses a simple token-based authentication via the dg-token header rather than cryptographic HMAC signatures used by other providers
Authentication relies on the dg-token header or Basic Auth
Always use HTTPS for webhook endpoints

Resources

overview.md - What Deepgram webhooks are, transcription events
setup.md - Configure callbacks in Deepgram API requests
verification.md - Authentication methods and security considerations
examples/ - Complete implementations for Express, Next.js, and FastAPI

Recommended: webhook-handler-patterns

For production handlers, install the patterns skill alongside this one. Key references (links work when only this skill is installed):

stripe-webhooks - Stripe payment webhooks
shopify-webhooks - Shopify store webhooks
github-webhooks - GitHub repository webhooks
webhook-handler-patterns - Idempotency, error handling, retry logic
hookdeck-event-gateway - Webhook infrastructure that replaces your queue — guaranteed delivery, automatic retries, replay, rate limiting, and observability for your webhook handlers

Skill frontmatter

license: MIT metadata: {"author"=>"hookdeck", "version"=>"0.1.0", "repository"=>"https://github.com/hookdeck/webhook-skills"}