Release v0.17.2

@quiltdata/benchling-webhook@0.17.2 deploy:notes
bash scripts/release-notes.sh 0.17.2 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.2 false @quiltdata/benchling-webhook

Benchling Webhook Integration for Quilt

The Benchling Webhook creates a seamless connection between Benchling's Electronic Lab Notebook (ELN) and Quilt's Scientific Data Managements System (SDMS) for Amazon S3.
It not only allows you to view Benchling metadata and attachments inside Quilt packages, but also enables users to browse Quilt package descriptions from inside Benchling notebookes.

The webhook works through a Benchling App that must be installed in your Organization by a Benchling Administrator and configured to call your stack's unique webhook (see Installation, below).

Availability

It is available in the Quilt Platform (1.65 or later) or as a standalone CDK stack via the @quiltdata/benchling-webhook npm package.

Functionality

Auto-Packaging

When scientists create notebook entries in Benchling, this webhook automatically:

• Creates a dedicated Quilt package for each notebook entry
• Synchronizes metadata from Benchling (experiment IDs, authors, etc.) into that package
• Copies attachments from that notebook into Amazon S3 as part of the package.
• Enables orgnizational data discovery by making contents available in ElasticSearch, and metadata available in Amazon Athena.

Package Linking

In addition, Quilt users can 'tag' additional packages by setting the experiment_id (or a custom metadta key) to the display ID of a Benchling notebook, e.g., EXP00001234.

From inside the Quilt Catalog:

1. Navigate to the package of interest
2. Click 'Revise Package'
3. Go the metadata editor in the bottom left
4. In the bottom row, enter experiment_id as key and the display ID as the value.
5. Set the commit message and click 'Save'

Benchling App Canvas

The webhook includes a Benchling App Canvas, which allows Benchling users to view, browse, and sync the associated Quilt packages.

• Clicking the package name opens it in the Quilt Catalog
• The sync button will open the package or file in QuiltSync, if you have it installed.
• The Update button refreshes the package, as Benchling only notifies Quilt of changes when the metadata fields are modified.

The canvas also allows you to browse package contents:

and view package metadata:

Inserting a Canvas

If the App Canvas is not already part of your standard notebook template, Benchling users can add it themselves:

1. Create a notebook entry
2. Select "Insert" → "Canvas"
3. Choose "Quilt Package"
4. After it is inserted, click the "Create" button

Security Features

Single Authentication Layer:

• FastAPI HMAC Verification - All webhook requests verified against Benchling secret
• Signatures computed over raw request body
• Invalid signatures return 403 Forbidden

Optional Network Filtering:

• Resource Policy IP Filtering - Free alternative to AWS WAF ($7/month saved)
• Blocks unknown IPs at API Gateway edge (applies to all endpoints)
• BREAKING CHANGE (v1.1.0+): Health endpoints NO LONGER exempt from IP filtering
• External monitoring services must be added to allowlist or IP filtering disabled
• NLB health checks unaffected (bypass API Gateway)
• IP filtering does NOT replace authentication (it's defense-in-depth)

Infrastructure Security:

• Private network (ECS in private subnets, no public IPs)
• VPC Link encrypted connection between API Gateway and NLB
• TLS 1.2+ encryption on all API Gateway endpoints
• CloudWatch audit trail for HMAC verification and resource policy decisions
• Least-privilege IAM roles

Installation

1. Installing the Benchling App

This requires a Benchling admin to use npx from NodeJS version 18 or later.

1.1 Get the app manifest

Download app-manifest.yaml from the
latest GitHub release,
or generate one locally:

npx @quiltdata/benchling-webhook@latest manifest

1.2 Upload the manifest to Benchling

• Follow Benchling's create and install instructions.
• Save the App Definition ID, Client ID, and Client Secret for the next step.

2. Configuring the Benchling App

Your command-line environment must have AWS credentials for the account containing your Quilt stack.
All you need to do is use npx to run the package:

npx @quiltdata/benchling-webhook@latest

If you need to choose AWS credentials explicitly, prefer --aws-profile:

npx @quiltdata/benchling-webhook@latest --aws-profile myaws

You can also use AWS_PROFILE:

AWS_PROFILE=myaws npx @quiltdata/benchling-webhook@latest

--profile is different: it selects a local benchling-webhook config profile under ~/.config/benchling-webhook/, not your AWS credential profile.

The wizard will guide you through:

1. Catalog discovery - Detect your Quilt catalog configuration
2. Stack validation - Extract settings from your CloudFormation stack
3. Credential collection - Enter Benchling app credentials
4. Package settings - Configure bucket, metadata key, and optional Quilt workflow
5. Deployment mode selection:
   • Integrated: Uses your Quilt stack's built-in webhook, if any
   • Standalone: Deploys a separate webhook stack for testing

Note: Configuration is stored in ~/.config/benchling-webhook/ using the XDG Base Directory standard, supporting multiple profiles.

3. Configure Webhook URL

Add the webhook URL (displayed after setup) to your Benchling app settings.

Important: The endpoint URL format is https://{api-id}.execute-api.{region}.amazonaws.com/{stage}/webhook (includes stage prefix like /prod/webhook or /dev/webhook).

If your integration reads or writes within a specific Benchling project, share that project with the service account behind the Benchling App Client ID. This integration uses the app/service-account identity, not an end-user OAuth session. If project access appears broken, verify the service account can perform a simple read or list API call for the target project.

4. Test Integration

In Benchling:

1. Create a notebook entry
2. Insert Canvas → Select "Quilt Package"
3. Click "Create"

A Quilt package will be automatically created and linked to your notebook entry.
If you run into problems, contact Quilt Support

Multi-Stack Deployments (v0.9.8+)

Starting with version 0.9.8, you can deploy multiple webhook stacks in the same AWS account/region. This is useful for:

• Multi-tenant deployments - Separate stacks for each customer
• Environment isolation - Dev, staging, prod in same account
• A/B testing - Parallel stacks with different configurations

Profile-Based Stack Names

Each profile automatically gets its own CloudFormation stack:

# Default profile uses legacy name (backwards compatible)
npx @quiltdata/benchling-webhook@latest deploy --profile default
# Creates: BenchlingWebhookStack

# Other profiles get unique names
npx @quiltdata/benchling-webhook@latest deploy --profile sales
# Creates: BenchlingWebhookStack-sales

npx @quiltdata/benchling-webhook@latest deploy --profile customer-acme
# Creates: BenchlingWebhookStack-customer-acme

Custom Stack Names

You can also specify a custom stack name in your profile configuration:

{
  "deployment": {
    "stackName": "MyCustomWebhookStack",
    ...
  }
}

Managing Multiple Stacks

All commands support the --profile flag:

# Deploy a specific profile
npx @quiltdata/benchling-webhook@latest deploy --profile sales

# Check status
npx @quiltdata/benchling-webhook@latest status --profile sales

# View logs
npx @quiltdata/benchling-webhook@latest logs --profile sales

# Destroy stack
npx @quiltdata/benchling-webhook@latest destroy --profile sales

NPM Package

npm install @quiltdata/benchling-webhook@0.17.2

View on npmjs.com: @quiltdata/benchling-webhook@0.17.2

Docker Image

For custom deployments, use the following Docker image:

712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.2

Pull and run:

docker pull 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.2

Changes

Fixed

• Canvas during entry export now shows the full navigation layout (Browse/Update buttons, package header, and footer reading "Updating...") instead of a bare "Processing..." placeholder. Update Package is disabled while the export runs; Browse Package stays enabled so the previous package version remains reachable on re-exports
• Packaging requests are now sequenced per entry through a FIFO SQS queue, so entry.created and canvas.created events for the same entry can no longer race and drop canvas_id from entry.json

Removed

• .canvas_id S3 sidecar is no longer read or written — per-entry FIFO ordering makes it unnecessary. Existing sideca...

Release v0.17.1-20260415T215352Z

@quiltdata/benchling-webhook@0.17.1 deploy:notes
bash scripts/release-notes.sh 0.17.1-20260415T215352Z 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.1-20260415T215352Z true @quiltdata/benchling-webhook

Benchling Webhook Integration for Quilt

The Benchling Webhook creates a seamless connection between Benchling's Electronic Lab Notebook (ELN) and Quilt's Scientific Data Managements System (SDMS) for Amazon S3.
It not only allows you to view Benchling metadata and attachments inside Quilt packages, but also enables users to browse Quilt package descriptions from inside Benchling notebookes.

The webhook works through a Benchling App that must be installed in your Organization by a Benchling Administrator and configured to call your stack's unique webhook (see Installation, below).

Availability

It is available in the Quilt Platform (1.65 or later) or as a standalone CDK stack via the @quiltdata/benchling-webhook npm package.

Functionality

Auto-Packaging

When scientists create notebook entries in Benchling, this webhook automatically:

• Creates a dedicated Quilt package for each notebook entry
• Synchronizes metadata from Benchling (experiment IDs, authors, etc.) into that package
• Copies attachments from that notebook into Amazon S3 as part of the package.
• Enables orgnizational data discovery by making contents available in ElasticSearch, and metadata available in Amazon Athena.

Package Linking

In addition, Quilt users can 'tag' additional packages by setting the experiment_id (or a custom metadta key) to the display ID of a Benchling notebook, e.g., EXP00001234.

From inside the Quilt Catalog:

1. Navigate to the package of interest
2. Click 'Revise Package'
3. Go the metadata editor in the bottom left
4. In the bottom row, enter experiment_id as key and the display ID as the value.
5. Set the commit message and click 'Save'

Benchling App Canvas

The webhook includes a Benchling App Canvas, which allows Benchling users to view, browse, and sync the associated Quilt packages.

• Clicking the package name opens it in the Quilt Catalog
• The sync button will open the package or file in QuiltSync, if you have it installed.
• The Update button refreshes the package, as Benchling only notifies Quilt of changes when the metadata fields are modified.

The canvas also allows you to browse package contents:

and view package metadata:

Inserting a Canvas

If the App Canvas is not already part of your standard notebook template, Benchling users can add it themselves:

1. Create a notebook entry
2. Select "Insert" → "Canvas"
3. Choose "Quilt Package"
4. After it is inserted, click the "Create" button

Security Features

Single Authentication Layer:

• FastAPI HMAC Verification - All webhook requests verified against Benchling secret
• Signatures computed over raw request body
• Invalid signatures return 403 Forbidden

Optional Network Filtering:

• Resource Policy IP Filtering - Free alternative to AWS WAF ($7/month saved)
• Blocks unknown IPs at API Gateway edge (applies to all endpoints)
• BREAKING CHANGE (v1.1.0+): Health endpoints NO LONGER exempt from IP filtering
• External monitoring services must be added to allowlist or IP filtering disabled
• NLB health checks unaffected (bypass API Gateway)
• IP filtering does NOT replace authentication (it's defense-in-depth)

Infrastructure Security:

• Private network (ECS in private subnets, no public IPs)
• VPC Link encrypted connection between API Gateway and NLB
• TLS 1.2+ encryption on all API Gateway endpoints
• CloudWatch audit trail for HMAC verification and resource policy decisions
• Least-privilege IAM roles

Installation

1. Installing the Benchling App

This requires a Benchling admin to use npx from NodeJS version 18 or later.

1.1 Get the app manifest

Download app-manifest.yaml from the
latest GitHub release,
or generate one locally:

npx @quiltdata/benchling-webhook@latest manifest

1.2 Upload the manifest to Benchling

• Follow Benchling's create and install instructions.
• Save the App Definition ID, Client ID, and Client Secret for the next step.

2. Configuring the Benchling App

Your command-line environment must have AWS credentials for the account containing your Quilt stack.
All you need to do is use npx to run the package:

npx @quiltdata/benchling-webhook@latest

If you need to choose AWS credentials explicitly, prefer --aws-profile:

npx @quiltdata/benchling-webhook@latest --aws-profile myaws

You can also use AWS_PROFILE:

AWS_PROFILE=myaws npx @quiltdata/benchling-webhook@latest

--profile is different: it selects a local benchling-webhook config profile under ~/.config/benchling-webhook/, not your AWS credential profile.

The wizard will guide you through:

1. Catalog discovery - Detect your Quilt catalog configuration
2. Stack validation - Extract settings from your CloudFormation stack
3. Credential collection - Enter Benchling app credentials
4. Package settings - Configure bucket, metadata key, and optional Quilt workflow
5. Deployment mode selection:
   • Integrated: Uses your Quilt stack's built-in webhook, if any
   • Standalone: Deploys a separate webhook stack for testing

Note: Configuration is stored in ~/.config/benchling-webhook/ using the XDG Base Directory standard, supporting multiple profiles.

3. Configure Webhook URL

Add the webhook URL (displayed after setup) to your Benchling app settings.

Important: The endpoint URL format is https://{api-id}.execute-api.{region}.amazonaws.com/{stage}/webhook (includes stage prefix like /prod/webhook or /dev/webhook).

If your integration reads or writes within a specific Benchling project, share that project with the service account behind the Benchling App Client ID. This integration uses the app/service-account identity, not an end-user OAuth session. If project access appears broken, verify the service account can perform a simple read or list API call for the target project.

4. Test Integration

In Benchling:

1. Create a notebook entry
2. Insert Canvas → Select "Quilt Package"
3. Click "Create"

A Quilt package will be automatically created and linked to your notebook entry.
If you run into problems, contact Quilt Support

Multi-Stack Deployments (v0.9.8+)

Starting with version 0.9.8, you can deploy multiple webhook stacks in the same AWS account/region. This is useful for:

• Multi-tenant deployments - Separate stacks for each customer
• Environment isolation - Dev, staging, prod in same account
• A/B testing - Parallel stacks with different configurations

Profile-Based Stack Names

Each profile automatically gets its own CloudFormation stack:

# Default profile uses legacy name (backwards compatible)
npx @quiltdata/benchling-webhook@latest deploy --profile default
# Creates: BenchlingWebhookStack

# Other profiles get unique names
npx @quiltdata/benchling-webhook@latest deploy --profile sales
# Creates: BenchlingWebhookStack-sales

npx @quiltdata/benchling-webhook@latest deploy --profile customer-acme
# Creates: BenchlingWebhookStack-customer-acme

Custom Stack Names

You can also specify a custom stack name in your profile configuration:

{
  "deployment": {
    "stackName": "MyCustomWebhookStack",
    ...
  }
}

Managing Multiple Stacks

All commands support the --profile flag:

# Deploy a specific profile
npx @quiltdata/benchling-webhook@latest deploy --profile sales

# Check status
npx @quiltdata/benchling-webhook@latest status --profile sales

# View logs
npx @quiltdata/benchling-webhook@latest logs --profile sales

# Destroy stack
npx @quiltdata/benchling-webhook@latest destroy --profile sales

NPM Package

npm install @quiltdata/benchling-webhook@0.17.1-20260415T215352Z

View on npmjs.com: @quiltdata/benchling-webhook@0.17.1-20260415T215352Z

Docker Image

For custom deployments, use the following Docker image:

712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.1-20260415T215352Z

Pull and run:

docker pull 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.1-20260415T215352Z

Resources

• Installation Guide
• Configuration Guide
• Development Guide
• Release Process

Full Changelog: v0.17.1-20260415T202609Z...v0.17.1-20260415T215352Z

Release v0.17.1-20260415T202609Z

@quiltdata/benchling-webhook@0.17.1 deploy:notes
bash scripts/release-notes.sh 0.17.1-20260415T202609Z 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.1-20260415T202609Z true @quiltdata/benchling-webhook

Benchling Webhook Integration for Quilt

The Benchling Webhook creates a seamless connection between Benchling's Electronic Lab Notebook (ELN) and Quilt's Scientific Data Managements System (SDMS) for Amazon S3.
It not only allows you to view Benchling metadata and attachments inside Quilt packages, but also enables users to browse Quilt package descriptions from inside Benchling notebookes.

The webhook works through a Benchling App that must be installed in your Organization by a Benchling Administrator and configured to call your stack's unique webhook (see Installation, below).

Availability

It is available in the Quilt Platform (1.65 or later) or as a standalone CDK stack via the @quiltdata/benchling-webhook npm package.

Functionality

Auto-Packaging

When scientists create notebook entries in Benchling, this webhook automatically:

• Creates a dedicated Quilt package for each notebook entry
• Synchronizes metadata from Benchling (experiment IDs, authors, etc.) into that package
• Copies attachments from that notebook into Amazon S3 as part of the package.
• Enables orgnizational data discovery by making contents available in ElasticSearch, and metadata available in Amazon Athena.

Package Linking

In addition, Quilt users can 'tag' additional packages by setting the experiment_id (or a custom metadta key) to the display ID of a Benchling notebook, e.g., EXP00001234.

From inside the Quilt Catalog:

1. Navigate to the package of interest
2. Click 'Revise Package'
3. Go the metadata editor in the bottom left
4. In the bottom row, enter experiment_id as key and the display ID as the value.
5. Set the commit message and click 'Save'

Benchling App Canvas

The webhook includes a Benchling App Canvas, which allows Benchling users to view, browse, and sync the associated Quilt packages.

• Clicking the package name opens it in the Quilt Catalog
• The sync button will open the package or file in QuiltSync, if you have it installed.
• The Update button refreshes the package, as Benchling only notifies Quilt of changes when the metadata fields are modified.

The canvas also allows you to browse package contents:

and view package metadata:

Inserting a Canvas

If the App Canvas is not already part of your standard notebook template, Benchling users can add it themselves:

1. Create a notebook entry
2. Select "Insert" → "Canvas"
3. Choose "Quilt Package"
4. After it is inserted, click the "Create" button

Security Features

Single Authentication Layer:

• FastAPI HMAC Verification - All webhook requests verified against Benchling secret
• Signatures computed over raw request body
• Invalid signatures return 403 Forbidden

Optional Network Filtering:

• Resource Policy IP Filtering - Free alternative to AWS WAF ($7/month saved)
• Blocks unknown IPs at API Gateway edge (applies to all endpoints)
• BREAKING CHANGE (v1.1.0+): Health endpoints NO LONGER exempt from IP filtering
• External monitoring services must be added to allowlist or IP filtering disabled
• NLB health checks unaffected (bypass API Gateway)
• IP filtering does NOT replace authentication (it's defense-in-depth)

Infrastructure Security:

• Private network (ECS in private subnets, no public IPs)
• VPC Link encrypted connection between API Gateway and NLB
• TLS 1.2+ encryption on all API Gateway endpoints
• CloudWatch audit trail for HMAC verification and resource policy decisions
• Least-privilege IAM roles

Installation

1. Installing the Benchling App

This requires a Benchling admin to use npx from NodeJS version 18 or later.

1.1 Get the app manifest

Download app-manifest.yaml from the
latest GitHub release,
or generate one locally:

npx @quiltdata/benchling-webhook@latest manifest

1.2 Upload the manifest to Benchling

• Follow Benchling's create and install instructions.
• Save the App Definition ID, Client ID, and Client Secret for the next step.

2. Configuring the Benchling App

Your command-line environment must have AWS credentials for the account containing your Quilt stack.
All you need to do is use npx to run the package:

npx @quiltdata/benchling-webhook@latest

If you need to choose AWS credentials explicitly, prefer --aws-profile:

npx @quiltdata/benchling-webhook@latest --aws-profile myaws

You can also use AWS_PROFILE:

AWS_PROFILE=myaws npx @quiltdata/benchling-webhook@latest

--profile is different: it selects a local benchling-webhook config profile under ~/.config/benchling-webhook/, not your AWS credential profile.

The wizard will guide you through:

1. Catalog discovery - Detect your Quilt catalog configuration
2. Stack validation - Extract settings from your CloudFormation stack
3. Credential collection - Enter Benchling app credentials
4. Package settings - Configure bucket, metadata key, and optional Quilt workflow
5. Deployment mode selection:
   • Integrated: Uses your Quilt stack's built-in webhook, if any
   • Standalone: Deploys a separate webhook stack for testing

Note: Configuration is stored in ~/.config/benchling-webhook/ using the XDG Base Directory standard, supporting multiple profiles.

3. Configure Webhook URL

Add the webhook URL (displayed after setup) to your Benchling app settings.

Important: The endpoint URL format is https://{api-id}.execute-api.{region}.amazonaws.com/{stage}/webhook (includes stage prefix like /prod/webhook or /dev/webhook).

If your integration reads or writes within a specific Benchling project, share that project with the service account behind the Benchling App Client ID. This integration uses the app/service-account identity, not an end-user OAuth session. If project access appears broken, verify the service account can perform a simple read or list API call for the target project.

4. Test Integration

In Benchling:

1. Create a notebook entry
2. Insert Canvas → Select "Quilt Package"
3. Click "Create"

A Quilt package will be automatically created and linked to your notebook entry.
If you run into problems, contact Quilt Support

Multi-Stack Deployments (v0.9.8+)

Starting with version 0.9.8, you can deploy multiple webhook stacks in the same AWS account/region. This is useful for:

• Multi-tenant deployments - Separate stacks for each customer
• Environment isolation - Dev, staging, prod in same account
• A/B testing - Parallel stacks with different configurations

Profile-Based Stack Names

Each profile automatically gets its own CloudFormation stack:

# Default profile uses legacy name (backwards compatible)
npx @quiltdata/benchling-webhook@latest deploy --profile default
# Creates: BenchlingWebhookStack

# Other profiles get unique names
npx @quiltdata/benchling-webhook@latest deploy --profile sales
# Creates: BenchlingWebhookStack-sales

npx @quiltdata/benchling-webhook@latest deploy --profile customer-acme
# Creates: BenchlingWebhookStack-customer-acme

Custom Stack Names

You can also specify a custom stack name in your profile configuration:

{
  "deployment": {
    "stackName": "MyCustomWebhookStack",
    ...
  }
}

Managing Multiple Stacks

All commands support the --profile flag:

# Deploy a specific profile
npx @quiltdata/benchling-webhook@latest deploy --profile sales

# Check status
npx @quiltdata/benchling-webhook@latest status --profile sales

# View logs
npx @quiltdata/benchling-webhook@latest logs --profile sales

# Destroy stack
npx @quiltdata/benchling-webhook@latest destroy --profile sales

NPM Package

npm install @quiltdata/benchling-webhook@0.17.1-20260415T202609Z

View on npmjs.com: @quiltdata/benchling-webhook@0.17.1-20260415T202609Z

Docker Image

For custom deployments, use the following Docker image:

712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.1-20260415T202609Z

Pull and run:

docker pull 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.1-20260415T202609Z

Resources

• Installation Guide
• Configuration Guide
• Development Guide
• Release Process

Full Changelog: v0.17.0-20260415T153833Z...v0.17.1-20260415T202609Z

Release v0.17.0

@quiltdata/benchling-webhook@0.17.0 deploy:notes
bash scripts/release-notes.sh 0.17.0 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0 false @quiltdata/benchling-webhook

Benchling Webhook Integration for Quilt

The Benchling Webhook creates a seamless connection between Benchling's Electronic Lab Notebook (ELN) and Quilt's Scientific Data Managements System (SDMS) for Amazon S3.
It not only allows you to view Benchling metadata and attachments inside Quilt packages, but also enables users to browse Quilt package descriptions from inside Benchling notebookes.

The webhook works through a Benchling App that must be installed in your Organization by a Benchling Administrator and configured to call your stack's unique webhook (see Installation, below).

Availability

It is available in the Quilt Platform (1.65 or later) or as a standalone CDK stack via the @quiltdata/benchling-webhook npm package.

Functionality

Auto-Packaging

When scientists create notebook entries in Benchling, this webhook automatically:

• Creates a dedicated Quilt package for each notebook entry
• Synchronizes metadata from Benchling (experiment IDs, authors, etc.) into that package
• Copies attachments from that notebook into Amazon S3 as part of the package.
• Enables orgnizational data discovery by making contents available in ElasticSearch, and metadata available in Amazon Athena.

Package Linking

In addition, Quilt users can 'tag' additional packages by setting the experiment_id (or a custom metadta key) to the display ID of a Benchling notebook, e.g., EXP00001234.

From inside the Quilt Catalog:

1. Navigate to the package of interest
2. Click 'Revise Package'
3. Go the metadata editor in the bottom left
4. In the bottom row, enter experiment_id as key and the display ID as the value.
5. Set the commit message and click 'Save'

Benchling App Canvas

The webhook includes a Benchling App Canvas, which allows Benchling users to view, browse, and sync the associated Quilt packages.

• Clicking the package name opens it in the Quilt Catalog
• The sync button will open the package or file in QuiltSync, if you have it installed.
• The Update button refreshes the package, as Benchling only notifies Quilt of changes when the metadata fields are modified.

The canvas also allows you to browse package contents:

and view package metadata:

Inserting a Canvas

If the App Canvas is not already part of your standard notebook template, Benchling users can add it themselves:

1. Create a notebook entry
2. Select "Insert" → "Canvas"
3. Choose "Quilt Package"
4. After it is inserted, click the "Create" button

Security Features

Single Authentication Layer:

• FastAPI HMAC Verification - All webhook requests verified against Benchling secret
• Signatures computed over raw request body
• Invalid signatures return 403 Forbidden

Optional Network Filtering:

• Resource Policy IP Filtering - Free alternative to AWS WAF ($7/month saved)
• Blocks unknown IPs at API Gateway edge (applies to all endpoints)
• BREAKING CHANGE (v1.1.0+): Health endpoints NO LONGER exempt from IP filtering
• External monitoring services must be added to allowlist or IP filtering disabled
• NLB health checks unaffected (bypass API Gateway)
• IP filtering does NOT replace authentication (it's defense-in-depth)

Infrastructure Security:

• Private network (ECS in private subnets, no public IPs)
• VPC Link encrypted connection between API Gateway and NLB
• TLS 1.2+ encryption on all API Gateway endpoints
• CloudWatch audit trail for HMAC verification and resource policy decisions
• Least-privilege IAM roles

Installation

1. Installing the Benchling App

This requires a Benchling admin to use npx from NodeJS version 18 or later.

1.1 Get the app manifest

Download app-manifest.yaml from the
latest GitHub release,
or generate one locally:

npx @quiltdata/benchling-webhook@latest manifest

1.2 Upload the manifest to Benchling

• Follow Benchling's create and install instructions.
• Save the App Definition ID, Client ID, and Client Secret for the next step.

2. Configuring the Benchling App

Your command-line environment must have AWS credentials for the account containing your Quilt stack.
All you need to do is use npx to run the package:

npx @quiltdata/benchling-webhook@latest

If you need to choose AWS credentials explicitly, prefer --aws-profile:

npx @quiltdata/benchling-webhook@latest --aws-profile myaws

You can also use AWS_PROFILE:

AWS_PROFILE=myaws npx @quiltdata/benchling-webhook@latest

--profile is different: it selects a local benchling-webhook config profile under ~/.config/benchling-webhook/, not your AWS credential profile.

The wizard will guide you through:

1. Catalog discovery - Detect your Quilt catalog configuration
2. Stack validation - Extract settings from your CloudFormation stack
3. Credential collection - Enter Benchling app credentials
4. Package settings - Configure bucket, metadata key, and optional Quilt workflow
5. Deployment mode selection:
   • Integrated: Uses your Quilt stack's built-in webhook, if any
   • Standalone: Deploys a separate webhook stack for testing

Note: Configuration is stored in ~/.config/benchling-webhook/ using the XDG Base Directory standard, supporting multiple profiles.

3. Configure Webhook URL

Add the webhook URL (displayed after setup) to your Benchling app settings.

Important: The endpoint URL format is https://{api-id}.execute-api.{region}.amazonaws.com/{stage}/webhook (includes stage prefix like /prod/webhook or /dev/webhook).

If your integration reads or writes within a specific Benchling project, share that project with the service account behind the Benchling App Client ID. This integration uses the app/service-account identity, not an end-user OAuth session. If project access appears broken, verify the service account can perform a simple read or list API call for the target project.

4. Test Integration

In Benchling:

1. Create a notebook entry
2. Insert Canvas → Select "Quilt Package"
3. Click "Create"

A Quilt package will be automatically created and linked to your notebook entry.
If you run into problems, contact Quilt Support

Multi-Stack Deployments (v0.9.8+)

Starting with version 0.9.8, you can deploy multiple webhook stacks in the same AWS account/region. This is useful for:

• Multi-tenant deployments - Separate stacks for each customer
• Environment isolation - Dev, staging, prod in same account
• A/B testing - Parallel stacks with different configurations

Profile-Based Stack Names

Each profile automatically gets its own CloudFormation stack:

# Default profile uses legacy name (backwards compatible)
npx @quiltdata/benchling-webhook@latest deploy --profile default
# Creates: BenchlingWebhookStack

# Other profiles get unique names
npx @quiltdata/benchling-webhook@latest deploy --profile sales
# Creates: BenchlingWebhookStack-sales

npx @quiltdata/benchling-webhook@latest deploy --profile customer-acme
# Creates: BenchlingWebhookStack-customer-acme

Custom Stack Names

You can also specify a custom stack name in your profile configuration:

{
  "deployment": {
    "stackName": "MyCustomWebhookStack",
    ...
  }
}

Managing Multiple Stacks

All commands support the --profile flag:

# Deploy a specific profile
npx @quiltdata/benchling-webhook@latest deploy --profile sales

# Check status
npx @quiltdata/benchling-webhook@latest status --profile sales

# View logs
npx @quiltdata/benchling-webhook@latest logs --profile sales

# Destroy stack
npx @quiltdata/benchling-webhook@latest destroy --profile sales

NPM Package

npm install @quiltdata/benchling-webhook@0.17.0

View on npmjs.com: @quiltdata/benchling-webhook@0.17.0

Docker Image

For custom deployments, use the following Docker image:

712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0

Pull and run:

docker pull 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0

Changes

Changed

• Package events via SQS — EventBridge now routes package-revision events through an SQS queue to a dedicated ECS sidecar consumer, replacing the API Gateway /package-event route
• Secrets fetching uses a TTL cache with background refresh (prevents 504 on cache miss)
• Dev deploy is hardcoded to standalone
• Integrated-stack deploy now prompts instead of blocking outright
• Dependency updates (#380, #381)

Added

• SQS dead-letter queue (14-day retention) for failed package events
• Deployment plan displays workflow, Benchling tenant and masked client ID from the secret

Removed

• --stage CLI option — all deployments use a single `p...

Release v0.17.0-20260415T153833Z

@quiltdata/benchling-webhook@0.17.0 deploy:notes
bash scripts/release-notes.sh 0.17.0-20260415T153833Z 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260415T153833Z true @quiltdata/benchling-webhook

Benchling Webhook Integration for Quilt

The Benchling Webhook creates a seamless connection between Benchling's Electronic Lab Notebook (ELN) and Quilt's Scientific Data Managements System (SDMS) for Amazon S3.
It not only allows you to view Benchling metadata and attachments inside Quilt packages, but also enables users to browse Quilt package descriptions from inside Benchling notebookes.

The webhook works through a Benchling App that must be installed in your Organization by a Benchling Administrator and configured to call your stack's unique webhook (see Installation, below).

Availability

It is available in the Quilt Platform (1.65 or later) or as a standalone CDK stack via the @quiltdata/benchling-webhook npm package.

Functionality

Auto-Packaging

When scientists create notebook entries in Benchling, this webhook automatically:

• Creates a dedicated Quilt package for each notebook entry
• Synchronizes metadata from Benchling (experiment IDs, authors, etc.) into that package
• Copies attachments from that notebook into Amazon S3 as part of the package.
• Enables orgnizational data discovery by making contents available in ElasticSearch, and metadata available in Amazon Athena.

Package Linking

In addition, Quilt users can 'tag' additional packages by setting the experiment_id (or a custom metadta key) to the display ID of a Benchling notebook, e.g., EXP00001234.

From inside the Quilt Catalog:

1. Navigate to the package of interest
2. Click 'Revise Package'
3. Go the metadata editor in the bottom left
4. In the bottom row, enter experiment_id as key and the display ID as the value.
5. Set the commit message and click 'Save'

Benchling App Canvas

The webhook includes a Benchling App Canvas, which allows Benchling users to view, browse, and sync the associated Quilt packages.

• Clicking the package name opens it in the Quilt Catalog
• The sync button will open the package or file in QuiltSync, if you have it installed.
• The Update button refreshes the package, as Benchling only notifies Quilt of changes when the metadata fields are modified.

The canvas also allows you to browse package contents:

and view package metadata:

Inserting a Canvas

If the App Canvas is not already part of your standard notebook template, Benchling users can add it themselves:

1. Create a notebook entry
2. Select "Insert" → "Canvas"
3. Choose "Quilt Package"
4. After it is inserted, click the "Create" button

Security Features

Single Authentication Layer:

• FastAPI HMAC Verification - All webhook requests verified against Benchling secret
• Signatures computed over raw request body
• Invalid signatures return 403 Forbidden

Optional Network Filtering:

• Resource Policy IP Filtering - Free alternative to AWS WAF ($7/month saved)
• Blocks unknown IPs at API Gateway edge (applies to all endpoints)
• BREAKING CHANGE (v1.1.0+): Health endpoints NO LONGER exempt from IP filtering
• External monitoring services must be added to allowlist or IP filtering disabled
• NLB health checks unaffected (bypass API Gateway)
• IP filtering does NOT replace authentication (it's defense-in-depth)

Infrastructure Security:

• Private network (ECS in private subnets, no public IPs)
• VPC Link encrypted connection between API Gateway and NLB
• TLS 1.2+ encryption on all API Gateway endpoints
• CloudWatch audit trail for HMAC verification and resource policy decisions
• Least-privilege IAM roles

Installation

1. Installing the Benchling App

This requires a Benchling admin to use npx from NodeJS version 18 or later.

1.1 Get the app manifest

Download app-manifest.yaml from the
latest GitHub release,
or generate one locally:

npx @quiltdata/benchling-webhook@latest manifest

1.2 Upload the manifest to Benchling

• Follow Benchling's create and install instructions.
• Save the App Definition ID, Client ID, and Client Secret for the next step.

2. Configuring the Benchling App

Your command-line environment must have AWS credentials for the account containing your Quilt stack.
All you need to do is use npx to run the package:

npx @quiltdata/benchling-webhook@latest

If you need to choose AWS credentials explicitly, prefer --aws-profile:

npx @quiltdata/benchling-webhook@latest --aws-profile myaws

You can also use AWS_PROFILE:

AWS_PROFILE=myaws npx @quiltdata/benchling-webhook@latest

--profile is different: it selects a local benchling-webhook config profile under ~/.config/benchling-webhook/, not your AWS credential profile.

The wizard will guide you through:

1. Catalog discovery - Detect your Quilt catalog configuration
2. Stack validation - Extract settings from your CloudFormation stack
3. Credential collection - Enter Benchling app credentials
4. Package settings - Configure bucket, metadata key, and optional Quilt workflow
5. Deployment mode selection:
   • Integrated: Uses your Quilt stack's built-in webhook, if any
   • Standalone: Deploys a separate webhook stack for testing

Note: Configuration is stored in ~/.config/benchling-webhook/ using the XDG Base Directory standard, supporting multiple profiles.

3. Configure Webhook URL

Add the webhook URL (displayed after setup) to your Benchling app settings.

Important: The endpoint URL format is https://{api-id}.execute-api.{region}.amazonaws.com/{stage}/webhook (includes stage prefix like /prod/webhook or /dev/webhook).

If your integration reads or writes within a specific Benchling project, share that project with the service account behind the Benchling App Client ID. This integration uses the app/service-account identity, not an end-user OAuth session. If project access appears broken, verify the service account can perform a simple read or list API call for the target project.

4. Test Integration

In Benchling:

1. Create a notebook entry
2. Insert Canvas → Select "Quilt Package"
3. Click "Create"

A Quilt package will be automatically created and linked to your notebook entry.
If you run into problems, contact Quilt Support

Multi-Stack Deployments (v0.9.8+)

Starting with version 0.9.8, you can deploy multiple webhook stacks in the same AWS account/region. This is useful for:

• Multi-tenant deployments - Separate stacks for each customer
• Environment isolation - Dev, staging, prod in same account
• A/B testing - Parallel stacks with different configurations

Profile-Based Stack Names

Each profile automatically gets its own CloudFormation stack:

# Default profile uses legacy name (backwards compatible)
npx @quiltdata/benchling-webhook@latest deploy --profile default
# Creates: BenchlingWebhookStack

# Other profiles get unique names
npx @quiltdata/benchling-webhook@latest deploy --profile sales
# Creates: BenchlingWebhookStack-sales

npx @quiltdata/benchling-webhook@latest deploy --profile customer-acme
# Creates: BenchlingWebhookStack-customer-acme

Custom Stack Names

You can also specify a custom stack name in your profile configuration:

{
  "deployment": {
    "stackName": "MyCustomWebhookStack",
    ...
  }
}

Managing Multiple Stacks

All commands support the --profile flag:

# Deploy a specific profile
npx @quiltdata/benchling-webhook@latest deploy --profile sales

# Check status
npx @quiltdata/benchling-webhook@latest status --profile sales

# View logs
npx @quiltdata/benchling-webhook@latest logs --profile sales

# Destroy stack
npx @quiltdata/benchling-webhook@latest destroy --profile sales

NPM Package

npm install @quiltdata/benchling-webhook@0.17.0-20260415T153833Z

View on npmjs.com: @quiltdata/benchling-webhook@0.17.0-20260415T153833Z

Docker Image

For custom deployments, use the following Docker image:

712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260415T153833Z

Pull and run:

docker pull 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260415T153833Z

Resources

• Installation Guide
• Configuration Guide
• Development Guide
• Release Process

Full Changelog: v0.17.0...v0.17.0-20260415T153833Z

Release v0.17.0-20260415T024257Z

@quiltdata/benchling-webhook@0.17.0 deploy:notes
bash scripts/release-notes.sh 0.17.0-20260415T024257Z 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260415T024257Z true @quiltdata/benchling-webhook

Benchling Webhook Integration for Quilt

The Benchling Webhook creates a seamless connection between Benchling's Electronic Lab Notebook (ELN) and Quilt's Scientific Data Managements System (SDMS) for Amazon S3.
It not only allows you to view Benchling metadata and attachments inside Quilt packages, but also enables users to browse Quilt package descriptions from inside Benchling notebookes.

The webhook works through a Benchling App that must be installed in your Organization by a Benchling Administrator and configured to call your stack's unique webhook (see Installation, below).

Availability

It is available in the Quilt Platform (1.65 or later) or as a standalone CDK stack via the @quiltdata/benchling-webhook npm package.

Functionality

Auto-Packaging

When scientists create notebook entries in Benchling, this webhook automatically:

• Creates a dedicated Quilt package for each notebook entry
• Synchronizes metadata from Benchling (experiment IDs, authors, etc.) into that package
• Copies attachments from that notebook into Amazon S3 as part of the package.
• Enables orgnizational data discovery by making contents available in ElasticSearch, and metadata available in Amazon Athena.

Package Linking

In addition, Quilt users can 'tag' additional packages by setting the experiment_id (or a custom metadta key) to the display ID of a Benchling notebook, e.g., EXP00001234.

From inside the Quilt Catalog:

1. Navigate to the package of interest
2. Click 'Revise Package'
3. Go the metadata editor in the bottom left
4. In the bottom row, enter experiment_id as key and the display ID as the value.
5. Set the commit message and click 'Save'

Benchling App Canvas

The webhook includes a Benchling App Canvas, which allows Benchling users to view, browse, and sync the associated Quilt packages.

• Clicking the package name opens it in the Quilt Catalog
• The sync button will open the package or file in QuiltSync, if you have it installed.
• The Update button refreshes the package, as Benchling only notifies Quilt of changes when the metadata fields are modified.

The canvas also allows you to browse package contents:

and view package metadata:

Inserting a Canvas

If the App Canvas is not already part of your standard notebook template, Benchling users can add it themselves:

1. Create a notebook entry
2. Select "Insert" → "Canvas"
3. Choose "Quilt Package"
4. After it is inserted, click the "Create" button

Security Features

Single Authentication Layer:

• FastAPI HMAC Verification - All webhook requests verified against Benchling secret
• Signatures computed over raw request body
• Invalid signatures return 403 Forbidden

Optional Network Filtering:

• Resource Policy IP Filtering - Free alternative to AWS WAF ($7/month saved)
• Blocks unknown IPs at API Gateway edge (applies to all endpoints)
• BREAKING CHANGE (v1.1.0+): Health endpoints NO LONGER exempt from IP filtering
• External monitoring services must be added to allowlist or IP filtering disabled
• NLB health checks unaffected (bypass API Gateway)
• IP filtering does NOT replace authentication (it's defense-in-depth)

Infrastructure Security:

• Private network (ECS in private subnets, no public IPs)
• VPC Link encrypted connection between API Gateway and NLB
• TLS 1.2+ encryption on all API Gateway endpoints
• CloudWatch audit trail for HMAC verification and resource policy decisions
• Least-privilege IAM roles

Installation

1. Installing the Benchling App

This requires a Benchling admin to use npx from NodeJS version 18 or later.

1.1 Get the app manifest

Download app-manifest.yaml from the
latest GitHub release,
or generate one locally:

npx @quiltdata/benchling-webhook@latest manifest

1.2 Upload the manifest to Benchling

• Follow Benchling's create and install instructions.
• Save the App Definition ID, Client ID, and Client Secret for the next step.

2. Configuring the Benchling App

Your command-line environment must have AWS credentials for the account containing your Quilt stack.
All you need to do is use npx to run the package:

npx @quiltdata/benchling-webhook@latest

If you need to choose AWS credentials explicitly, prefer --aws-profile:

npx @quiltdata/benchling-webhook@latest --aws-profile myaws

You can also use AWS_PROFILE:

AWS_PROFILE=myaws npx @quiltdata/benchling-webhook@latest

--profile is different: it selects a local benchling-webhook config profile under ~/.config/benchling-webhook/, not your AWS credential profile.

The wizard will guide you through:

1. Catalog discovery - Detect your Quilt catalog configuration
2. Stack validation - Extract settings from your CloudFormation stack
3. Credential collection - Enter Benchling app credentials
4. Package settings - Configure bucket, metadata key, and optional Quilt workflow
5. Deployment mode selection:
   • Integrated: Uses your Quilt stack's built-in webhook, if any
   • Standalone: Deploys a separate webhook stack for testing

Note: Configuration is stored in ~/.config/benchling-webhook/ using the XDG Base Directory standard, supporting multiple profiles.

3. Configure Webhook URL

Add the webhook URL (displayed after setup) to your Benchling app settings.

Important: The endpoint URL format is https://{api-id}.execute-api.{region}.amazonaws.com/{stage}/webhook (includes stage prefix like /prod/webhook or /dev/webhook).

If your integration reads or writes within a specific Benchling project, share that project with the service account behind the Benchling App Client ID. This integration uses the app/service-account identity, not an end-user OAuth session. If project access appears broken, verify the service account can perform a simple read or list API call for the target project.

4. Test Integration

In Benchling:

1. Create a notebook entry
2. Insert Canvas → Select "Quilt Package"
3. Click "Create"

A Quilt package will be automatically created and linked to your notebook entry.
If you run into problems, contact Quilt Support

Multi-Stack Deployments (v0.9.8+)

Starting with version 0.9.8, you can deploy multiple webhook stacks in the same AWS account/region. This is useful for:

• Multi-tenant deployments - Separate stacks for each customer
• Environment isolation - Dev, staging, prod in same account
• A/B testing - Parallel stacks with different configurations

Profile-Based Stack Names

Each profile automatically gets its own CloudFormation stack:

# Default profile uses legacy name (backwards compatible)
npx @quiltdata/benchling-webhook@latest deploy --profile default
# Creates: BenchlingWebhookStack

# Other profiles get unique names
npx @quiltdata/benchling-webhook@latest deploy --profile sales
# Creates: BenchlingWebhookStack-sales

npx @quiltdata/benchling-webhook@latest deploy --profile customer-acme
# Creates: BenchlingWebhookStack-customer-acme

Custom Stack Names

You can also specify a custom stack name in your profile configuration:

{
  "deployment": {
    "stackName": "MyCustomWebhookStack",
    ...
  }
}

Managing Multiple Stacks

All commands support the --profile flag:

# Deploy a specific profile
npx @quiltdata/benchling-webhook@latest deploy --profile sales

# Check status
npx @quiltdata/benchling-webhook@latest status --profile sales

# View logs
npx @quiltdata/benchling-webhook@latest logs --profile sales

# Destroy stack
npx @quiltdata/benchling-webhook@latest destroy --profile sales

NPM Package

npm install @quiltdata/benchling-webhook@0.17.0-20260415T024257Z

View on npmjs.com: @quiltdata/benchling-webhook@0.17.0-20260415T024257Z

Docker Image

For custom deployments, use the following Docker image:

712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260415T024257Z

Pull and run:

docker pull 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260415T024257Z

Resources

• Installation Guide
• Configuration Guide
• Development Guide
• Release Process

Full Changelog: v0.17.0-20260414T232113Z...v0.17.0-20260415T024257Z

Release v0.17.0-20260414T232113Z

@quiltdata/benchling-webhook@0.17.0 deploy:notes
bash scripts/release-notes.sh 0.17.0-20260414T232113Z 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260414T232113Z true @quiltdata/benchling-webhook

Benchling Webhook Integration for Quilt

The Benchling Webhook creates a seamless connection between Benchling's Electronic Lab Notebook (ELN) and Quilt's Scientific Data Managements System (SDMS) for Amazon S3.
It not only allows you to view Benchling metadata and attachments inside Quilt packages, but also enables users to browse Quilt package descriptions from inside Benchling notebookes.

The webhook works through a Benchling App that must be installed in your Organization by a Benchling Administrator and configured to call your stack's unique webhook (see Installation, below).

Availability

It is available in the Quilt Platform (1.65 or later) or as a standalone CDK stack via the @quiltdata/benchling-webhook npm package.

Functionality

Auto-Packaging

When scientists create notebook entries in Benchling, this webhook automatically:

• Creates a dedicated Quilt package for each notebook entry
• Synchronizes metadata from Benchling (experiment IDs, authors, etc.) into that package
• Copies attachments from that notebook into Amazon S3 as part of the package.
• Enables orgnizational data discovery by making contents available in ElasticSearch, and metadata available in Amazon Athena.

Package Linking

In addition, Quilt users can 'tag' additional packages by setting the experiment_id (or a custom metadta key) to the display ID of a Benchling notebook, e.g., EXP00001234.

From inside the Quilt Catalog:

1. Navigate to the package of interest
2. Click 'Revise Package'
3. Go the metadata editor in the bottom left
4. In the bottom row, enter experiment_id as key and the display ID as the value.
5. Set the commit message and click 'Save'

Benchling App Canvas

The webhook includes a Benchling App Canvas, which allows Benchling users to view, browse, and sync the associated Quilt packages.

• Clicking the package name opens it in the Quilt Catalog
• The sync button will open the package or file in QuiltSync, if you have it installed.
• The Update button refreshes the package, as Benchling only notifies Quilt of changes when the metadata fields are modified.

The canvas also allows you to browse package contents:

and view package metadata:

Inserting a Canvas

If the App Canvas is not already part of your standard notebook template, Benchling users can add it themselves:

1. Create a notebook entry
2. Select "Insert" → "Canvas"
3. Choose "Quilt Package"
4. After it is inserted, click the "Create" button

Security Features

Single Authentication Layer:

• FastAPI HMAC Verification - All webhook requests verified against Benchling secret
• Signatures computed over raw request body
• Invalid signatures return 403 Forbidden

Optional Network Filtering:

• Resource Policy IP Filtering - Free alternative to AWS WAF ($7/month saved)
• Blocks unknown IPs at API Gateway edge (applies to all endpoints)
• BREAKING CHANGE (v1.1.0+): Health endpoints NO LONGER exempt from IP filtering
• External monitoring services must be added to allowlist or IP filtering disabled
• NLB health checks unaffected (bypass API Gateway)
• IP filtering does NOT replace authentication (it's defense-in-depth)

Infrastructure Security:

• Private network (ECS in private subnets, no public IPs)
• VPC Link encrypted connection between API Gateway and NLB
• TLS 1.2+ encryption on all API Gateway endpoints
• CloudWatch audit trail for HMAC verification and resource policy decisions
• Least-privilege IAM roles

Installation

1. Installing the Benchling App

This requires a Benchling admin to use npx from NodeJS version 18 or later.

1.1 Get the app manifest

Download app-manifest.yaml from the
latest GitHub release,
or generate one locally:

npx @quiltdata/benchling-webhook@latest manifest

1.2 Upload the manifest to Benchling

• Follow Benchling's create and install instructions.
• Save the App Definition ID, Client ID, and Client Secret for the next step.

2. Configuring the Benchling App

Your command-line environment must have AWS credentials for the account containing your Quilt stack.
All you need to do is use npx to run the package:

npx @quiltdata/benchling-webhook@latest

If you need to choose AWS credentials explicitly, prefer --aws-profile:

npx @quiltdata/benchling-webhook@latest --aws-profile myaws

You can also use AWS_PROFILE:

AWS_PROFILE=myaws npx @quiltdata/benchling-webhook@latest

--profile is different: it selects a local benchling-webhook config profile under ~/.config/benchling-webhook/, not your AWS credential profile.

The wizard will guide you through:

1. Catalog discovery - Detect your Quilt catalog configuration
2. Stack validation - Extract settings from your CloudFormation stack
3. Credential collection - Enter Benchling app credentials
4. Package settings - Configure bucket, metadata key, and optional Quilt workflow
5. Deployment mode selection:
   • Integrated: Uses your Quilt stack's built-in webhook, if any
   • Standalone: Deploys a separate webhook stack for testing

Note: Configuration is stored in ~/.config/benchling-webhook/ using the XDG Base Directory standard, supporting multiple profiles.

3. Configure Webhook URL

Add the webhook URL (displayed after setup) to your Benchling app settings.

Important: The endpoint URL format is https://{api-id}.execute-api.{region}.amazonaws.com/{stage}/webhook (includes stage prefix like /prod/webhook or /dev/webhook).

If your integration reads or writes within a specific Benchling project, share that project with the service account behind the Benchling App Client ID. This integration uses the app/service-account identity, not an end-user OAuth session. If project access appears broken, verify the service account can perform a simple read or list API call for the target project.

4. Test Integration

In Benchling:

1. Create a notebook entry
2. Insert Canvas → Select "Quilt Package"
3. Click "Create"

A Quilt package will be automatically created and linked to your notebook entry.
If you run into problems, contact Quilt Support

Multi-Stack Deployments (v0.9.8+)

Starting with version 0.9.8, you can deploy multiple webhook stacks in the same AWS account/region. This is useful for:

• Multi-tenant deployments - Separate stacks for each customer
• Environment isolation - Dev, staging, prod in same account
• A/B testing - Parallel stacks with different configurations

Profile-Based Stack Names

Each profile automatically gets its own CloudFormation stack:

# Default profile uses legacy name (backwards compatible)
npx @quiltdata/benchling-webhook@latest deploy --profile default
# Creates: BenchlingWebhookStack

# Other profiles get unique names
npx @quiltdata/benchling-webhook@latest deploy --profile sales
# Creates: BenchlingWebhookStack-sales

npx @quiltdata/benchling-webhook@latest deploy --profile customer-acme
# Creates: BenchlingWebhookStack-customer-acme

Custom Stack Names

You can also specify a custom stack name in your profile configuration:

{
  "deployment": {
    "stackName": "MyCustomWebhookStack",
    ...
  }
}

Managing Multiple Stacks

All commands support the --profile flag:

# Deploy a specific profile
npx @quiltdata/benchling-webhook@latest deploy --profile sales

# Check status
npx @quiltdata/benchling-webhook@latest status --profile sales

# View logs
npx @quiltdata/benchling-webhook@latest logs --profile sales

# Destroy stack
npx @quiltdata/benchling-webhook@latest destroy --profile sales

NPM Package

npm install @quiltdata/benchling-webhook@0.17.0-20260414T232113Z

View on npmjs.com: @quiltdata/benchling-webhook@0.17.0-20260414T232113Z

Docker Image

For custom deployments, use the following Docker image:

712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260414T232113Z

Pull and run:

docker pull 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260414T232113Z

Resources

• Installation Guide
• Configuration Guide
• Development Guide
• Release Process

Full Changelog: v0.17.0-20260414T022608Z...v0.17.0-20260414T232113Z

Release v0.17.0-20260414T022608Z

@quiltdata/benchling-webhook@0.17.0 deploy:notes
bash scripts/release-notes.sh 0.17.0-20260414T022608Z 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260414T022608Z true @quiltdata/benchling-webhook

Benchling Webhook Integration for Quilt

The Benchling Webhook creates a seamless connection between Benchling's Electronic Lab Notebook (ELN) and Quilt's Scientific Data Managements System (SDMS) for Amazon S3.
It not only allows you to view Benchling metadata and attachments inside Quilt packages, but also enables users to browse Quilt package descriptions from inside Benchling notebookes.

The webhook works through a Benchling App that must be installed in your Organization by a Benchling Administrator and configured to call your stack's unique webhook (see Installation, below).

Availability

It is available in the Quilt Platform (1.65 or later) or as a standalone CDK stack via the @quiltdata/benchling-webhook npm package.

Functionality

Auto-Packaging

When scientists create notebook entries in Benchling, this webhook automatically:

• Creates a dedicated Quilt package for each notebook entry
• Synchronizes metadata from Benchling (experiment IDs, authors, etc.) into that package
• Copies attachments from that notebook into Amazon S3 as part of the package.
• Enables orgnizational data discovery by making contents available in ElasticSearch, and metadata available in Amazon Athena.

Package Linking

In addition, Quilt users can 'tag' additional packages by setting the experiment_id (or a custom metadta key) to the display ID of a Benchling notebook, e.g., EXP00001234.

From inside the Quilt Catalog:

1. Navigate to the package of interest
2. Click 'Revise Package'
3. Go the metadata editor in the bottom left
4. In the bottom row, enter experiment_id as key and the display ID as the value.
5. Set the commit message and click 'Save'

Benchling App Canvas

The webhook includes a Benchling App Canvas, which allows Benchling users to view, browse, and sync the associated Quilt packages.

• Clicking the package name opens it in the Quilt Catalog
• The sync button will open the package or file in QuiltSync, if you have it installed.
• The Update button refreshes the package, as Benchling only notifies Quilt of changes when the metadata fields are modified.

The canvas also allows you to browse package contents:

and view package metadata:

Inserting a Canvas

If the App Canvas is not already part of your standard notebook template, Benchling users can add it themselves:

1. Create a notebook entry
2. Select "Insert" → "Canvas"
3. Choose "Quilt Package"
4. After it is inserted, click the "Create" button

Security Features

Single Authentication Layer:

• FastAPI HMAC Verification - All webhook requests verified against Benchling secret
• Signatures computed over raw request body
• Invalid signatures return 403 Forbidden

Optional Network Filtering:

• Resource Policy IP Filtering - Free alternative to AWS WAF ($7/month saved)
• Blocks unknown IPs at API Gateway edge (applies to all endpoints)
• BREAKING CHANGE (v1.1.0+): Health endpoints NO LONGER exempt from IP filtering
• External monitoring services must be added to allowlist or IP filtering disabled
• NLB health checks unaffected (bypass API Gateway)
• IP filtering does NOT replace authentication (it's defense-in-depth)

Infrastructure Security:

• Private network (ECS in private subnets, no public IPs)
• VPC Link encrypted connection between API Gateway and NLB
• TLS 1.2+ encryption on all API Gateway endpoints
• CloudWatch audit trail for HMAC verification and resource policy decisions
• Least-privilege IAM roles

Installation

1. Installing the Benchling App

This requires a Benchling admin to use npx from NodeJS version 18 or later.

1.1 Get the app manifest

Download app-manifest.yaml from the
latest GitHub release,
or generate one locally:

npx @quiltdata/benchling-webhook@latest manifest

1.2 Upload the manifest to Benchling

• Follow Benchling's create and install instructions.
• Save the App Definition ID, Client ID, and Client Secret for the next step.

2. Configuring the Benchling App

Your command-line environment must have AWS credentials for the account containing your Quilt stack.
All you need to do is use npx to run the package:

npx @quiltdata/benchling-webhook@latest

If you need to choose AWS credentials explicitly, prefer --aws-profile:

npx @quiltdata/benchling-webhook@latest --aws-profile myaws

You can also use AWS_PROFILE:

AWS_PROFILE=myaws npx @quiltdata/benchling-webhook@latest

--profile is different: it selects a local benchling-webhook config profile under ~/.config/benchling-webhook/, not your AWS credential profile.

The wizard will guide you through:

1. Catalog discovery - Detect your Quilt catalog configuration
2. Stack validation - Extract settings from your CloudFormation stack
3. Credential collection - Enter Benchling app credentials
4. Package settings - Configure bucket, metadata key, and optional Quilt workflow
5. Deployment mode selection:
   • Integrated: Uses your Quilt stack's built-in webhook, if any
   • Standalone: Deploys a separate webhook stack for testing

Note: Configuration is stored in ~/.config/benchling-webhook/ using the XDG Base Directory standard, supporting multiple profiles.

3. Configure Webhook URL

Add the webhook URL (displayed after setup) to your Benchling app settings.

Important: The endpoint URL format is https://{api-id}.execute-api.{region}.amazonaws.com/{stage}/webhook (includes stage prefix like /prod/webhook or /dev/webhook).

If your integration reads or writes within a specific Benchling project, share that project with the service account behind the Benchling App Client ID. This integration uses the app/service-account identity, not an end-user OAuth session. If project access appears broken, verify the service account can perform a simple read or list API call for the target project.

4. Test Integration

In Benchling:

1. Create a notebook entry
2. Insert Canvas → Select "Quilt Package"
3. Click "Create"

A Quilt package will be automatically created and linked to your notebook entry.
If you run into problems, contact Quilt Support

Multi-Stack Deployments (v0.9.8+)

Starting with version 0.9.8, you can deploy multiple webhook stacks in the same AWS account/region. This is useful for:

• Multi-tenant deployments - Separate stacks for each customer
• Environment isolation - Dev, staging, prod in same account
• A/B testing - Parallel stacks with different configurations

Profile-Based Stack Names

Each profile automatically gets its own CloudFormation stack:

# Default profile uses legacy name (backwards compatible)
npx @quiltdata/benchling-webhook@latest deploy --profile default
# Creates: BenchlingWebhookStack

# Other profiles get unique names
npx @quiltdata/benchling-webhook@latest deploy --profile sales
# Creates: BenchlingWebhookStack-sales

npx @quiltdata/benchling-webhook@latest deploy --profile customer-acme
# Creates: BenchlingWebhookStack-customer-acme

Custom Stack Names

You can also specify a custom stack name in your profile configuration:

{
  "deployment": {
    "stackName": "MyCustomWebhookStack",
    ...
  }
}

Managing Multiple Stacks

All commands support the --profile flag:

# Deploy a specific profile
npx @quiltdata/benchling-webhook@latest deploy --profile sales

# Check status
npx @quiltdata/benchling-webhook@latest status --profile sales

# View logs
npx @quiltdata/benchling-webhook@latest logs --profile sales

# Destroy stack
npx @quiltdata/benchling-webhook@latest destroy --profile sales

NPM Package

npm install @quiltdata/benchling-webhook@0.17.0-20260414T022608Z

View on npmjs.com: @quiltdata/benchling-webhook@0.17.0-20260414T022608Z

Docker Image

For custom deployments, use the following Docker image:

712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260414T022608Z

Pull and run:

docker pull 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.17.0-20260414T022608Z

Resources

• Installation Guide
• Configuration Guide
• Development Guide
• Release Process

What's Changed

• chore(deps): update softprops/action-gh-release action to v3 by @renovate[bot] in #380
• fix(deps): update all minor and patch up...

Release v0.16.0

@quiltdata/benchling-webhook@0.16.0 deploy:notes
bash scripts/release-notes.sh 0.16.0 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.16.0 false @quiltdata/benchling-webhook

Benchling Webhook Integration for Quilt

The Benchling Webhook creates a seamless connection between Benchling's Electronic Lab Notebook (ELN) and Quilt's Scientific Data Managements System (SDMS) for Amazon S3.
It not only allows you to view Benchling metadata and attachments inside Quilt packages, but also enables users to browse Quilt package descriptions from inside Benchling notebookes.

The webhook works through a Benchling App that must be installed in your Organization by a Benchling Administrator and configured to call your stack's unique webhook (see Installation, below).

Availability

It is available in the Quilt Platform (1.65 or later) or as a standalone CDK stack via the @quiltdata/benchling-webhook npm package.

Functionality

Auto-Packaging

When scientists create notebook entries in Benchling, this webhook automatically:

• Creates a dedicated Quilt package for each notebook entry
• Synchronizes metadata from Benchling (experiment IDs, authors, etc.) into that package
• Copies attachments from that notebook into Amazon S3 as part of the package.
• Enables orgnizational data discovery by making contents available in ElasticSearch, and metadata available in Amazon Athena.

Package Linking

In addition, Quilt users can 'tag' additional packages by setting the experiment_id (or a custom metadta key) to the display ID of a Benchling notebook, e.g., EXP00001234.

From inside the Quilt Catalog:

1. Navigate to the package of interest
2. Click 'Revise Package'
3. Go the metadata editor in the bottom left
4. In the bottom row, enter experiment_id as key and the display ID as the value.
5. Set the commit message and click 'Save'

Benchling App Canvas

The webhook includes a Benchling App Canvas, which allows Benchling users to view, browse, and sync the associated Quilt packages.

• Clicking the package name opens it in the Quilt Catalog
• The sync button will open the package or file in QuiltSync, if you have it installed.
• The Update button refreshes the package, as Benchling only notifies Quilt of changes when the metadata fields are modified.

The canvas also allows you to browse package contents:

and view package metadata:

Inserting a Canvas

If the App Canvas is not already part of your standard notebook template, Benchling users can add it themselves:

1. Create a notebook entry
2. Select "Insert" → "Canvas"
3. Choose "Quilt Package"
4. After it is inserted, click the "Create" button

Security Features

Single Authentication Layer:

• FastAPI HMAC Verification - All webhook requests verified against Benchling secret
• Signatures computed over raw request body
• Invalid signatures return 403 Forbidden

Optional Network Filtering:

• Resource Policy IP Filtering - Free alternative to AWS WAF ($7/month saved)
• Blocks unknown IPs at API Gateway edge (applies to all endpoints)
• BREAKING CHANGE (v1.1.0+): Health endpoints NO LONGER exempt from IP filtering
• External monitoring services must be added to allowlist or IP filtering disabled
• NLB health checks unaffected (bypass API Gateway)
• IP filtering does NOT replace authentication (it's defense-in-depth)

Infrastructure Security:

• Private network (ECS in private subnets, no public IPs)
• VPC Link encrypted connection between API Gateway and NLB
• TLS 1.2+ encryption on all API Gateway endpoints
• CloudWatch audit trail for HMAC verification and resource policy decisions
• Least-privilege IAM roles

Installation

1. Installing the Benchling App

This requires a Benchling admin to use npx from NodeJS version 18 or later.

1.1 Get the app manifest

Download app-manifest.yaml from the
latest GitHub release,
or generate one locally:

npx @quiltdata/benchling-webhook@latest manifest

1.2 Upload the manifest to Benchling

• Follow Benchling's create and install instructions.
• Save the App Definition ID, Client ID, and Client Secret for the next step.

2. Configuring the Benchling App

Your command-line environment must have AWS credentials for the account containing your Quilt stack.
All you need to do is use npx to run the package:

npx @quiltdata/benchling-webhook@latest

If you need to choose AWS credentials explicitly, prefer --aws-profile:

npx @quiltdata/benchling-webhook@latest --aws-profile myaws

You can also use AWS_PROFILE:

AWS_PROFILE=myaws npx @quiltdata/benchling-webhook@latest

--profile is different: it selects a local benchling-webhook config profile under ~/.config/benchling-webhook/, not your AWS credential profile.

The wizard will guide you through:

1. Catalog discovery - Detect your Quilt catalog configuration
2. Stack validation - Extract settings from your CloudFormation stack
3. Credential collection - Enter Benchling app credentials
4. Package settings - Configure bucket, metadata key, and optional Quilt workflow
5. Deployment mode selection:
   • Integrated: Uses your Quilt stack's built-in webhook, if any
   • Standalone: Deploys a separate webhook stack for testing

Note: Configuration is stored in ~/.config/benchling-webhook/ using the XDG Base Directory standard, supporting multiple profiles.

3. Configure Webhook URL

Add the webhook URL (displayed after setup) to your Benchling app settings.

Important: The endpoint URL format is https://{api-id}.execute-api.{region}.amazonaws.com/{stage}/webhook (includes stage prefix like /prod/webhook or /dev/webhook).

If your integration reads or writes within a specific Benchling project, share that project with the service account behind the Benchling App Client ID. This integration uses the app/service-account identity, not an end-user OAuth session. If project access appears broken, verify the service account can perform a simple read or list API call for the target project.

4. Test Integration

In Benchling:

1. Create a notebook entry
2. Insert Canvas → Select "Quilt Package"
3. Click "Create"

A Quilt package will be automatically created and linked to your notebook entry.
If you run into problems, contact Quilt Support

Multi-Stack Deployments (v0.9.8+)

Starting with version 0.9.8, you can deploy multiple webhook stacks in the same AWS account/region. This is useful for:

• Multi-tenant deployments - Separate stacks for each customer
• Environment isolation - Dev, staging, prod in same account
• A/B testing - Parallel stacks with different configurations

Profile-Based Stack Names

Each profile automatically gets its own CloudFormation stack:

# Default profile uses legacy name (backwards compatible)
npx @quiltdata/benchling-webhook@latest deploy --profile default
# Creates: BenchlingWebhookStack

# Other profiles get unique names
npx @quiltdata/benchling-webhook@latest deploy --profile sales
# Creates: BenchlingWebhookStack-sales

npx @quiltdata/benchling-webhook@latest deploy --profile customer-acme
# Creates: BenchlingWebhookStack-customer-acme

Custom Stack Names

You can also specify a custom stack name in your profile configuration:

{
  "deployment": {
    "stackName": "MyCustomWebhookStack",
    ...
  }
}

Managing Multiple Stacks

All commands support the --profile flag:

# Deploy a specific profile
npx @quiltdata/benchling-webhook@latest deploy --profile sales

# Check status
npx @quiltdata/benchling-webhook@latest status --profile sales

# View logs
npx @quiltdata/benchling-webhook@latest logs --profile sales

# Destroy stack
npx @quiltdata/benchling-webhook@latest destroy --profile sales

NPM Package

npm install @quiltdata/benchling-webhook@0.16.0

View on npmjs.com: @quiltdata/benchling-webhook@0.16.0

Docker Image

For custom deployments, use the following Docker image:

712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.16.0

Pull and run:

docker pull 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.16.0

Resources

• Installation Guide
• Configuration Guide
• Development Guide
• Release Process

What's Changed

• fix(deps): update all minor and patch updates by @renovate[bot] in #378
• fix: EventBridge runtime filtering + remove pending canvas by @drernie in #379

Full Changelog: https://github.com/qu...

Release v0.16.0-20260411T224037Z

@quiltdata/benchling-webhook@0.16.0 deploy:notes
bash scripts/release-notes.sh 0.16.0-20260411T224037Z 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.16.0-20260411T224037Z true @quiltdata/benchling-webhook

Benchling Webhook Integration for Quilt

The Benchling Webhook creates a seamless connection between Benchling's Electronic Lab Notebook (ELN) and Quilt's Scientific Data Managements System (SDMS) for Amazon S3.
It not only allows you to view Benchling metadata and attachments inside Quilt packages, but also enables users to browse Quilt package descriptions from inside Benchling notebookes.

The webhook works through a Benchling App that must be installed in your Organization by a Benchling Administrator and configured to call your stack's unique webhook (see Installation, below).

Availability

It is available in the Quilt Platform (1.65 or later) or as a standalone CDK stack via the @quiltdata/benchling-webhook npm package.

Functionality

Auto-Packaging

When scientists create notebook entries in Benchling, this webhook automatically:

• Creates a dedicated Quilt package for each notebook entry
• Synchronizes metadata from Benchling (experiment IDs, authors, etc.) into that package
• Copies attachments from that notebook into Amazon S3 as part of the package.
• Enables orgnizational data discovery by making contents available in ElasticSearch, and metadata available in Amazon Athena.

Package Linking

In addition, Quilt users can 'tag' additional packages by setting the experiment_id (or a custom metadta key) to the display ID of a Benchling notebook, e.g., EXP00001234.

From inside the Quilt Catalog:

1. Navigate to the package of interest
2. Click 'Revise Package'
3. Go the metadata editor in the bottom left
4. In the bottom row, enter experiment_id as key and the display ID as the value.
5. Set the commit message and click 'Save'

Benchling App Canvas

The webhook includes a Benchling App Canvas, which allows Benchling users to view, browse, and sync the associated Quilt packages.

• Clicking the package name opens it in the Quilt Catalog
• The sync button will open the package or file in QuiltSync, if you have it installed.
• The Update button refreshes the package, as Benchling only notifies Quilt of changes when the metadata fields are modified.

The canvas also allows you to browse package contents:

and view package metadata:

Inserting a Canvas

If the App Canvas is not already part of your standard notebook template, Benchling users can add it themselves:

1. Create a notebook entry
2. Select "Insert" → "Canvas"
3. Choose "Quilt Package"
4. After it is inserted, click the "Create" button

Security Features

Single Authentication Layer:

• FastAPI HMAC Verification - All webhook requests verified against Benchling secret
• Signatures computed over raw request body
• Invalid signatures return 403 Forbidden

Optional Network Filtering:

• Resource Policy IP Filtering - Free alternative to AWS WAF ($7/month saved)
• Blocks unknown IPs at API Gateway edge (applies to all endpoints)
• BREAKING CHANGE (v1.1.0+): Health endpoints NO LONGER exempt from IP filtering
• External monitoring services must be added to allowlist or IP filtering disabled
• NLB health checks unaffected (bypass API Gateway)
• IP filtering does NOT replace authentication (it's defense-in-depth)

Infrastructure Security:

• Private network (ECS in private subnets, no public IPs)
• VPC Link encrypted connection between API Gateway and NLB
• TLS 1.2+ encryption on all API Gateway endpoints
• CloudWatch audit trail for HMAC verification and resource policy decisions
• Least-privilege IAM roles

Installation

1. Installing the Benchling App

This requires a Benchling admin to use npx from NodeJS version 18 or later.

1.1 Get the app manifest

Download app-manifest.yaml from the
latest GitHub release,
or generate one locally:

npx @quiltdata/benchling-webhook@latest manifest

1.2 Upload the manifest to Benchling

• Follow Benchling's create and install instructions.
• Save the App Definition ID, Client ID, and Client Secret for the next step.

2. Configuring the Benchling App

Your command-line environment must have AWS credentials for the account containing your Quilt stack.
All you need to do is use npx to run the package:

npx @quiltdata/benchling-webhook@latest

If you need to choose AWS credentials explicitly, prefer --aws-profile:

npx @quiltdata/benchling-webhook@latest --aws-profile myaws

You can also use AWS_PROFILE:

AWS_PROFILE=myaws npx @quiltdata/benchling-webhook@latest

--profile is different: it selects a local benchling-webhook config profile under ~/.config/benchling-webhook/, not your AWS credential profile.

The wizard will guide you through:

1. Catalog discovery - Detect your Quilt catalog configuration
2. Stack validation - Extract settings from your CloudFormation stack
3. Credential collection - Enter Benchling app credentials
4. Package settings - Configure bucket, metadata key, and optional Quilt workflow
5. Deployment mode selection:
   • Integrated: Uses your Quilt stack's built-in webhook, if any
   • Standalone: Deploys a separate webhook stack for testing

Note: Configuration is stored in ~/.config/benchling-webhook/ using the XDG Base Directory standard, supporting multiple profiles.

3. Configure Webhook URL

Add the webhook URL (displayed after setup) to your Benchling app settings.

Important: The endpoint URL format is https://{api-id}.execute-api.{region}.amazonaws.com/{stage}/webhook (includes stage prefix like /prod/webhook or /dev/webhook).

If your integration reads or writes within a specific Benchling project, share that project with the service account behind the Benchling App Client ID. This integration uses the app/service-account identity, not an end-user OAuth session. If project access appears broken, verify the service account can perform a simple read or list API call for the target project.

4. Test Integration

In Benchling:

1. Create a notebook entry
2. Insert Canvas → Select "Quilt Package"
3. Click "Create"

A Quilt package will be automatically created and linked to your notebook entry.
If you run into problems, contact Quilt Support

Multi-Stack Deployments (v0.9.8+)

Starting with version 0.9.8, you can deploy multiple webhook stacks in the same AWS account/region. This is useful for:

• Multi-tenant deployments - Separate stacks for each customer
• Environment isolation - Dev, staging, prod in same account
• A/B testing - Parallel stacks with different configurations

Profile-Based Stack Names

Each profile automatically gets its own CloudFormation stack:

# Default profile uses legacy name (backwards compatible)
npx @quiltdata/benchling-webhook@latest deploy --profile default
# Creates: BenchlingWebhookStack

# Other profiles get unique names
npx @quiltdata/benchling-webhook@latest deploy --profile sales
# Creates: BenchlingWebhookStack-sales

npx @quiltdata/benchling-webhook@latest deploy --profile customer-acme
# Creates: BenchlingWebhookStack-customer-acme

Custom Stack Names

You can also specify a custom stack name in your profile configuration:

{
  "deployment": {
    "stackName": "MyCustomWebhookStack",
    ...
  }
}

Managing Multiple Stacks

All commands support the --profile flag:

# Deploy a specific profile
npx @quiltdata/benchling-webhook@latest deploy --profile sales

# Check status
npx @quiltdata/benchling-webhook@latest status --profile sales

# View logs
npx @quiltdata/benchling-webhook@latest logs --profile sales

# Destroy stack
npx @quiltdata/benchling-webhook@latest destroy --profile sales

NPM Package

npm install @quiltdata/benchling-webhook@0.16.0-20260411T224037Z

View on npmjs.com: @quiltdata/benchling-webhook@0.16.0-20260411T224037Z

Docker Image

For custom deployments, use the following Docker image:

712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.16.0-20260411T224037Z

Pull and run:

docker pull 712023778557.dkr.ecr.us-east-1.amazonaws.com/quiltdata/benchling:0.16.0-20260411T224037Z

Resources

• Installation Guide
• Configuration Guide
• Development Guide
• Release Process

What's Changed

• fix(deps): update all minor and patch updates by @renovate[bot] in #378

Full Changelog: https://github.com/quiltdata/benchl...