Monitor web changes with n8n
n8n can run almost any workflow, but it needs something to start it. Polling a page from an HTTP node is noisy and fires on every cosmetic tweak. Hypeline sends one HMAC-signed webhook per genuinely-new change, so a workflow runs exactly when a source really changed and never on template or timestamp churn.
The mental model: a webhook starts the workflow
An automation platform is event driven, so it fits the push pattern. You add an n8n Webhook trigger node, register its URL as a Hypeline webhook, and point it at the sources you care about. Each real change becomes a signed POST that starts one workflow run, with the event as input. No schedule, no wasted polls.
Register the webhook
Copy the Production URL from your n8n Webhook node. In Hypeline a webhook is a destination on an alert: first create an alert (the sources to watch plus a filter), then add a webhook destination to it. The destination create response reveals a whsec_ signing secret exactly once, which you keep for verification. Both calls use your dashboard session token, or you can add the alert and destination in the dashboard UI.
# 1. Create an alert: a filter plus the sources to watch (empty = your whole library).
curl -X POST https://api.hypeline.io/v1/alerts \
-H "Authorization: Bearer $HYPELINE_TOKEN" \
-H "Content-Type: application/json" \
-d '{"filter_query":"price OR plan","language":"en","source_ids":[]}'
# 2. Add your n8n Webhook URL as a destination on that alert (secret revealed once).
curl -X POST https://api.hypeline.io/v1/alerts/{alert_id}/destinations \
-H "Authorization: Bearer $HYPELINE_TOKEN" \
-H "Content-Type: application/json" \
-d '{"kind":"webhook","url":"https://n8n.example/webhook/hypeline"}' Verify the signature, then act
Hypeline signs every delivery with the Standard Webhooks HMAC scheme. Verify it in a Code node before the workflow trusts the payload, so a forged request cannot trigger your automation.
const crypto = require('crypto');
const secret = 'whsec_...'; // from the destination create response
const headers = $input.first().json.headers;
const raw = $input.first().json.body; // exact bytes as received
const id = headers['webhook-id'];
const ts = headers['webhook-timestamp'];
// Derive the raw HMAC key: strip the whsec_ prefix, standard-base64-decode.
const key = Buffer.from(secret.replace(/^whsec_/, ''), 'base64');
const signed = `${id}.${ts}.${raw}`;
const digest = crypto.createHmac('sha256', key).update(signed).digest('base64');
const sent = headers['webhook-signature'].split(' ').map(s => s.split(',')[1]);
if (!sent.includes(digest)) throw new Error('bad signature');
return [{ json: JSON.parse(raw) }]; // verified event flows downstream From here, wire the verified event into any n8n node: post the change to Slack, open a ticket, append a row, or call another API. The event carries the source URL, a title, the extracted content, and timestamps on one stable schema.
Why Hypeline, not a page-change checker
- Deduplicated on extracted content. A workflow runs on real changes to the main text, not on ads, banners, or timestamps.
- One schema across every source. Feeds, watched pages, and streaming sources all deliver the same event shape, so one workflow handles a mixed set of sources.
- Signed and safe. Every delivery is HMAC-signed, so only genuine Hypeline events can start the workflow.
- No duplicate runs. Because the same change is never re-emitted, a source that mutates on every load does not spam your automation.
Frequently asked questions
Do I need a custom node?
No. The built-in Webhook trigger node is enough: register its URL with Hypeline and verify the HMAC signature in a Code node. Any change becomes one workflow run.
How do I stop spoofed requests?
Verify the Standard Webhooks HMAC signature before the workflow trusts the body. Hypeline signs the webhook id, timestamp, and payload, so a request without a valid signature is rejected. The full recipe is on the verify-webhook-signatures guide.
Will a busy page trigger the workflow constantly?
No. Hypeline extracts the main content and deduplicates, so it fires only when content genuinely changed, not on timestamp or template churn. That keeps workflow runs proportional to real changes.
Can one webhook cover several sources?
Yes. An alert can watch several sources (or your whole library) behind one filter, and a webhook destination on that alert receives every real change on the same schema, so the workflow does not care which source moved.
Give your agents eyes on the web
Add your email and we'll tell you the moment your agents can start watching the web live.
No spam. One email when it goes live.