Challenge 2: Design a task.completed Webhook — Possible Solution ==================================================================== POST https://integrator-app.com/webhooks HTTP/1.1 Content-Type: application/json X-Signature: t=1717003600,v1=f2a9d81b... { "id": "evt_9c31", "type": "task.completed", "data": { "taskId": 501, "completedAt": "2026-07-06T14:32:00Z" } } WHY THIS WORKS AS AN ANSWER ------------------------------ This follows the exact shape the chapter's task.updated example established, changed only where it genuinely needs to differ: - The X-Signature header is present in the same "t=...,v1=..." format, since EVERY webhook the platform sends needs to be signed the same way, regardless of event type — signature verification isn't specific to one kind of event. - "id" is a fresh, unique event identifier ("evt_9c31", distinct from the earlier "evt_88f2") — every individual event needs its OWN id for deduplication purposes, even if it's logically related to the same task. - "type" is changed to "task.completed" to reflect what actually happened, which is the whole reason a receiver would need to distinguish this event from a task.updated or task.created event in the first place. - "data" is adapted to include a "completedAt" timestamp rather than just a status field, since "when was it completed" is more directly useful information for this SPECIFIC event type than repeating a generic status string. The receiver would verify X-Signature and deduplicate on "evt_9c31" using the exact same logic as any other webhook event — nothing about the verification or deduplication process changes based on event type, only the payload shape reflects what's specific to what happened.