Use Case · Mastra

Your Mastra workflows call APIs. Civic decides how often and how much.

Mastra makes it easy to build TypeScript agent workflows. Civic adds rate limits, cost caps, and audit trails.

use case / mastra

The workflow retried a failed webhook 2,000 times. The receiving service went down.

Just imagine, one day…

You build a Mastra workflow that processes incoming events, enriches them with external data, and sends webhooks to a downstream service. The workflow handles retries automatically. You deploy it and start processing events.

The downstream service returns a 503. The workflow's retry logic kicks in with exponential backoff, but a configuration bug sets the max retries to unlimited. 2,000 webhook attempts in 20 minutes. The downstream service can't handle the load and goes offline. Your events queue up. The other team's on-call gets paged at 3am.

Retry logic without a hard limit isn't resilience. It's a DDoS with good intentions.

Without rate limits, retry logic becomes a denial-of-service attack.

It does things you did not intend

You wanted reliable webhook delivery. A config bug turned retries into 2,000 requests that took down the downstream service.

You cannot prove what happened

2,000 retry attempts. No clear log of when the backoff failed or why the limit wasn't enforced. You're reading webhook logs at 3am.

You cannot stop it fast enough

20 minutes of escalating retries. No hard cap. The downstream service went offline before anyone noticed the loop.

It gets confused and you never know

The 503 response triggered retries. Each retry added load. The service returned more 503s. The workflow saw each one as a new reason to retry.

Your Mastra workflow calls Civic. Civic enforces rate limits at the tool level.

Connectivity

One MCP endpoint for webhooks, APIs, and databases. Your Mastra workflow connects to external services through Civic.

Guardrails

Send webhooks, max 30 per minute. If the downstream service returns errors, Civic enforces the backoff your config missed.

Auditability

Every webhook attempt, every retry, every error logged with timing. See the retry storm forming before it takes down a service.

Revocation

Revoke webhook access and the workflow stops sending instantly. No lingering retry queues. No more requests to the overloaded service.

Connect Mastra through Civic in three steps

Mastra Agent

Add webhook endpoint and event API.

Set rate limit to 30 webhooks per minute.

Set max retries to 5 per event.

Done. 2 tools connected:

✓ Webhook — 30/min, 5 retries max

✓ Event API — read events

Your MCP URL is ready to copy.

Read the docs

The same scenario. Different outcomes.

Without Civic, unlimited retries take down the downstream service. With Civic, retries cap at 5 and you get an alert.

$ mastra deploy event-processor

[mastra] webhook to downstream... 503

[mastra] retrying... attempt #47

[webhook] attempt #2,000 — service overloaded

[downstream] ✘ service offline

$ # 2,000 retries. downstream service down.

$ mastra deploy event-processor

[mastra] webhook to downstream via Civic... 503

[mastra] retrying... attempt #5

[nexus] retry cap reached (5/5)

[nexus] ✘ event queued for manual review

[nexus] alert sent

$ # 5 retries. event queued. downstream unharmed.

Ship safer with Civic

We'll help you implement authenticated, scoped, and auditable access without slowing down your build.

Start building Read the docs