Webhooks & Callbacks
A rule set does not have to run start-to-finish in one shot. It can pause, hand control to an outside system or a person, and resume later when that party calls back — and an extension can call back into the project that invoked it.
Resuming a paused run
When an API action is set to continue asynchronously, the run suspends after its outbound call and waits. The external system does its work and then calls back to resume the run, supplying any data it produced. That data is merged into the run's context, so the resumed rule set can act on whatever the caller returned. Resuming a run this way uses an API key, the same as starting one — see API Access.
Extension callbacks
An extension runs as its own rule set, separate from the project that calls it. When it finishes, it hands its declared outputs back to the calling project's context. This is an in-engine callback — the bridge that lets a packaged extension behave like a function the caller can read a result from.
Human-intervention links
A run can also pause to wait for a person. When a rule requests human intervention, the engine produces a secure link that does not require a sign-in. Opening the link shows the pending form, and submitting it resumes the run with the person's input. The link carries a single-use key, so it works only once and cannot be reused or shared after it has been answered. See Human Intervention for the authoring side.
These callbacks bring data into a run. To reach out to other services mid-run, use API actions and extensions, which make outbound calls as the rule set executes.
A continuation callback authenticates with an API key, and a human-intervention link is guarded by a single-use key. Treat both as secrets: anyone holding them can advance the run.