Skip to content

Webhooks

A webhook pushes each new lead to a web address you control, the moment it’s captured — the instant version of an export. Available on every plan; up to 10 destinations.

  1. Settings → Webhooks → Add destination.
  2. Name it (e.g. CRM sync, Slack alerts) and enter your endpoint URL. It must use HTTPS, and private or internal addresses aren’t allowed.
  3. On creation you’re shown the signing secret once — “copy it now, it won’t be shown again.” Store it with the receiving system.

One event exists: lead.captured. Each delivery is a JSON body with the event name, a timestamp, and the lead’s details, signed with an X-LeadSource-Signature header — your endpoint should verify that signature against the secret so nobody can feed it fake leads. The page documents the exact payload shape; build against what it shows.

Each destination has a history view — the last 50 deliveries with status Pending, Running, Delivered, or Failed, and a Retry now on failures. Before your first form submission it reads “No delivery history” — deliveries only exist once leads flow.

  • Everything shows Failed. Your endpoint isn’t returning success — check it’s reachable from the internet, serves valid HTTPS, and responds quickly. Fix, then Retry now.
  • “Must use HTTPS. Private or loopback addresses are not allowed.” Local and internal addresses can’t receive deliveries — expose a public HTTPS endpoint (tunnelling tools work for testing).
  • Rejected signatures. Verify against the exact secret shown at creation; if it’s lost, delete the destination and add it again to get a fresh one.
  • Deleting a destination stops its deliveries immediately — confirm nothing downstream still depends on it.

If deliveries fail from our side, they appear in Capture status as failed Outbound webhook jobs.