curl --request POST \
  --url https://brew.new/api/v1/events \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "triggerEventId": "tri_password_reset",
  "payload": {
    "email": "jane@example.com",
    "resetUrl": "https://app.example.com/reset/abc123"
  }
}
'

{
  "success": true,
  "status": "triggered",
  "code": "TRIGGERED",
  "message": "Trigger event accepted and matched published attachments.",
  "triggerEventId": "tri_order_completed",
  "receivedAt": "2026-04-08T12:34:56.789Z",
  "details": {
    "resolvedPayload": {
      "email": "jane@example.com",
      "orderId": "ord_42"
    },
    "executionIds": [
      "exec_01HZX1",
      "exec_01HZX2"
    ],
    "counts": {
      "transactionalEmails": 0,
      "automations": 2
    }
  }
}

Events

Fire a trigger event

Fires a published trigger event by its internal triggerEventId. The path is fixed at /v1/events — trigger names, titles, and providerEventKey are descriptors and never appear in the URL.

On success, every published automation attached to the trigger is started and its executionId is returned. Published transactional emails attached to the trigger are also delivered as part of the same fire.

Idempotency

Send a stable Idempotency-Key HTTP header on every retry — Brew namespaces the token with your org and dedups on (provider="brew_api", externalEventId) so a replay returns the original executionIds (status idempotent_replay) instead of starting new workflow runs. The legacy body field idempotencyKey is supported for back-compat; new integrations should use the header.

Brand scoping: the trigger event must belong to the API key brand. A 403 BRAND_SCOPE_MISMATCH is returned when the matched trigger is in a different brand.

POST

events

curl --request POST \
  --url https://brew.new/api/v1/events \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "triggerEventId": "tri_password_reset",
  "payload": {
    "email": "jane@example.com",
    "resetUrl": "https://app.example.com/reset/abc123"
  }
}
'

{
  "success": true,
  "status": "triggered",
  "code": "TRIGGERED",
  "message": "Trigger event accepted and matched published attachments.",
  "triggerEventId": "tri_order_completed",
  "receivedAt": "2026-04-08T12:34:56.789Z",
  "details": {
    "resolvedPayload": {
      "email": "jane@example.com",
      "orderId": "ord_42"
    },
    "executionIds": [
      "exec_01HZX1",
      "exec_01HZX2"
    ],
    "counts": {
      "transactionalEmails": 0,
      "automations": 2
    }
  }
}

Authorizations

Authorization

string

header

default:Bearer brew_your_api_key

required

Send your Brew API key as Authorization: Bearer brew_xxx.

Headers

Idempotency-Key

string

Optional idempotency key for safe retries. Reusing the same key with the same request body returns the original response for 24 hours.

Required string length: 1 - 100

Body

application/json

Trigger fire request.

triggerEventId

string

required

Internal id of the published trigger event to fire. Returned by POST /api/v1/triggers and listed in GET /api/v1/triggers. Accepts both custom brew_api ids and composite integration ids (≤ 256 chars). The trigger title and providerEventKey are descriptors and are NEVER URL segments — the path is fixed at /api/v1/automation/runs.

Required string length: 1 - 256

payload

object

required

Event payload — fields and types must match the trigger's payloadSchema. Unknown fields are accepted but reported as unexpected_key warnings.

Show child attributes

idempotencyKey

string

Legacy body-field alternative to the Idempotency-Key HTTP header. Prefer the header for new integrations. The token is namespaced server-side with the API key org so different tenants cannot collide.

Required string length: 1 - 100

Response

The trigger was accepted and matched (or replayed via idempotency).

success

boolean

required

status

enum<string>

required

Discriminator for the response category. Pairs with code. A trigger with no published automation attached returns status: "failed" + code: "NO_PUBLISHED_AUTOMATION" (HTTP 422). Successful fires always return status: "triggered".

Available options:

triggered,

idempotent_replay,

ready,

invalid_api_key,

invalid_json,

failed,

forbidden,

payload_mismatch,

trigger_event_not_found

code

string

required

message

string

required

receivedAt

string

required

ISO-8601 timestamp the request was processed at.

triggerEventId

string

details

object

Show child attributes

List recent fires (audit log)Fetch a single fire

⌘I