Webhooks
LiveOutbound event subscriptions with HMAC-SHA256 signature verification. Subscribe at registration time; the signing secret is returned ONCE, save it. Rotate at any time with a 24-hour overlap window so you can deploy the new secret on the receiver before retiring the old one.
/api/v1/webhooksreadLiveList webhook subscriptions
Returns all webhook endpoints registered for the calling organization.
{
"data": [
{
"id": "f4e9c2a8-7d31-4b6f-9c83-21e5d4a07b14",
"url": "https://crm-bridge.example.com/webhook",
"events": ["call.qualified", "lead.created", "claim.scope.ready"],
"description": "Production CRM bridge",
"signing_secret_prefix": "whsec_a1b2c3",
"enabled": true,
"created_at": "2026-02-14T09:11:00.000Z",
"last_delivery_at": "2026-04-27T17:42:18.001Z",
"last_delivery_status": 200
}
]
}/api/v1/webhooks/{id}readLiveFetch a webhook subscription
Returns subscription metadata. The signing secret itself is never returned, only the public prefix.
{
"id": "f4e9c2a8-7d31-4b6f-9c83-21e5d4a07b14",
"url": "https://crm-bridge.example.com/webhook",
"events": ["call.qualified", "lead.created", "claim.scope.ready"],
"description": "Production CRM bridge",
"signing_secret_prefix": "whsec_a1b2c3",
"enabled": true,
"created_at": "2026-02-14T09:11:00.000Z",
"last_delivery_at": "2026-04-27T17:42:18.001Z",
"last_delivery_status": 200
}/api/v1/webhooksadminLiveRegister a webhook endpoint
Subscribe to one or more event types. The endpoint must be HTTPS. We return a signing secret used for HMAC verification, save it; we will not show it again. Valid event names: call.received, call.classified, call.qualified, lead.created, lead.updated, outreach.email.sent, outreach.email.replied, claim.scope.ready, review.requested, review.received, audit.log.event.
{
"url": "https://crm-bridge.example.com/webhook",
"events": ["call.qualified", "lead.created", "claim.scope.ready"],
"description": "Production CRM bridge"
}{
"id": "f4e9c2a8-7d31-4b6f-9c83-21e5d4a07b14",
"url": "https://crm-bridge.example.com/webhook",
"events": ["call.qualified", "lead.created", "claim.scope.ready"],
"description": "Production CRM bridge",
"signing_secret_prefix": "whsec_a1b2c3",
"enabled": true,
"created_at": "2026-02-14T09:11:00.000Z",
"signing_secret": "whsec_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6",
"_warning": "Save this signing_secret now. It will not be shown again."
}/api/v1/webhooks/{id}adminLiveDelete a webhook
Stops sending events to this endpoint immediately.
{
"id": "f4e9c2a8-7d31-4b6f-9c83-21e5d4a07b14",
"deleted": true
}/api/v1/webhooks/{id}/rotate-secretadminLiveRotate the signing secret
Returns a new secret. The previous secret remains valid for 24 hours, so you can deploy the new one on the receiver before retiring the old.
{
"id": "f4e9c2a8-7d31-4b6f-9c83-21e5d4a07b14",
"url": "https://crm-bridge.example.com/webhook",
"signing_secret_prefix": "whsec_z9y8x7",
"signing_secret": "whsec_z9y8x7w6v5u4t3s2r1q0p9o8n7m6l5k4",
"_warning": "Save this signing_secret now. It will not be shown again. The previous secret remains valid for 24 hours."
}/api/v1/webhooks/{id}/deliveriesreadRoadmapRecent deliveries
List the last 100 delivery attempts with status, response code, latency, and retry count.
{
"data": [
{
"id": "whd_8w3p1m",
"event": "call.qualified",
"status": "delivered",
"response_status": 200,
"latency_ms": 142,
"attempt": 1,
"delivered_at": "2026-04-27T17:42:18.001Z"
}
],
"next_cursor": null
}