Webhook

Receives HTTP requests and triggers workflows

Node Type

Trigger

Icon

Webhook

Overview

The Webhook node is a trigger node that receives HTTP requests and automatically starts workflow execution. This powerful integration enables external services, applications, and systems to trigger your workflows by sending HTTP requests to custom endpoints, creating seamless automation and real-time integration capabilities.

Key Features

• HTTP Trigger: Receives GET and POST requests to trigger workflows
• Custom Endpoints: Create unique webhook URLs for different integrations
• Authentication Options: Support for secret-based authentication
• Request Data Access: Provides request body and headers to workflows
• Dynamic Documentation: Generates endpoint URLs for easy integration
• Header Management: Configure and merge custom request headers

Prerequisites

Infrastructure Requirements

Must have accessible webhook endpoints and proper network configuration

Publicly accessible webhook endpoint

Proper firewall and security configurations

HTTPS support for secure webhook communication

Security Considerations

Authentication: Understanding of webhook security best practices

Endpoint Security: Protection against unauthorized access and abuse

Data Validation: Proper handling of incoming webhook data

Technical Requirements

Webhook Framework: Access to webhook trigger infrastructure

HTTP Handling: Support for processing incoming HTTP requests

Error Handling: Proper exception handling for webhook failures

Node Configuration

Required Fields

Request Method

Type:dropdown

Required:Yes

Default:POST

The HTTP method this webhook will accept. Available options are GET and POST. Choose the method that matches your integration requirements and security policies.

Path

Type:text

Required:Yes

Value Type:string

The custom path for the webhook endpoint. This will be appended to the base webhook URL to create a unique endpoint for this webhook. Use descriptive paths like "github-push" or "stripe-payment".

Optional Fields

Authentication

Type:dropdown

Required:No

Default:none

The authentication method for the webhook. Available options are "none" for public endpoints and "secret" for authenticated endpoints. Choose based on your security requirements.

Request Headers

Type:key_value

Required:No

Value Type:JSON

Custom headers to include in the webhook request. These headers will be merged with incoming request headers, with incoming headers taking precedence. Useful for adding metadata or authentication tokens.

Technical Details

Webhook Trigger Process

How the node receives HTTP requests and triggers workflow execution

Request Reception

The webhook node receives HTTP requests through the webhook trigger infrastructure:

• Endpoint Creation: Generates unique webhook URLs based on path configuration
• Request Validation: Validates HTTP method and authentication if configured
• Data Extraction: Extracts request body and headers for workflow processing
• Workflow Trigger: Automatically starts workflow execution with webhook data

Trigger Execution

Uses the _trigger method to process incoming webhook data and provide it to the workflow. The node cannot be executed as part of a workflow graph since it's a trigger node.

Data Processing

How the node processes and merges webhook request data

Header Merging

The node merges configured custom headers with incoming request headers using the logic:{ ...configuredHeaders, ...headers }. This ensures incoming headers take precedence while preserving configured defaults.

Error Handling

If an error occurs during webhook processing, the node returns an error message in the request body output, allowing workflows to handle failures gracefully and provide appropriate error responses.

Data Validation

The node validates that trigger data exists and contains the expected body and headers structure before processing. This ensures robust handling of malformed webhook requests.

Dynamic Documentation

How the node generates webhook endpoint URLs for integration

URL Generation

The getDynamicDocumentation method generates the complete webhook endpoint URL by combining the base API URL, webhook trigger path, node ID, and configured path. This provides users with the exact URL to use for integrations.

Path Cleaning

Automatically removes leading slashes from the configured path to ensure proper URL construction. This prevents double slashes and ensures clean, valid webhook endpoints.

Method Display

Includes the configured HTTP method in the generated documentation, making it clear what type of request should be sent to the webhook endpoint.

Examples & Use Cases

GitHub Integration

Trigger workflows on code pushes and pull requests

{
  "requestMethod": "POST",
  "path": "github-webhook",
  "authentication": "secret",
  "requestHeaders": {
    "X-GitHub-Event": "push",
    "User-Agent": "GitHub-Hookshot"
  }
}

This configuration creates a webhook endpoint for GitHub integration that accepts POST requests and includes GitHub-specific headers. The webhook will trigger workflows when GitHub sends push event notifications.

Stripe Payment Webhook

Process payment events and trigger business workflows

{
  "requestMethod": "POST",
  "path": "stripe-payments",
  "authentication": "secret",
  "requestHeaders": {
    "Stripe-Signature": "{{stripeSignature}}",
    "Content-Type": "application/json"
  }
}

This configuration creates a webhook for Stripe payment processing that accepts POST requests and includes Stripe-specific headers for signature verification and content type specification.

Form Submission Webhook

Process form submissions and trigger automated responses

{
  "requestMethod": "POST",
  "path": "contact-form",
  "authentication": "none",
  "requestHeaders": {
    "Content-Type": "application/json",
    "X-Form-Source": "website"
  }
}

This configuration creates a public webhook for contact form submissions that accepts POST requests and includes custom headers to identify the form source and content type.

Simple GET Webhook

Create simple GET endpoints for basic integrations

{
  "requestMethod": "GET",
  "path": "health-check",
  "authentication": "none"
}

This configuration creates a simple health check webhook that accepts GET requests without authentication. Useful for monitoring, testing, or simple integrations that don't require complex data processing.

Workflow Examples

Automated Customer Onboarding

Trigger customer onboarding workflows from webhook events

Workflow Structure

🔗 Webhook Trigger → 📊 Data Processing → 📧 Welcome Email → 📱 SMS Notification → ✅ Onboarding Complete

Webhook Configuration

{
  "requestMethod": "POST",
  "path": "customer-signup",
  "authentication": "secret",
  "requestHeaders": {
    "Content-Type": "application/json",
    "X-Event-Type": "customer.created"
  }
}

Implementation Steps

Webhook Trigger: Receives customer signup data from external system
Data Processing: Extracts customer information from request body
Welcome Email: Generates and sends personalized welcome email
SMS Notification: Sends SMS confirmation to customer
Onboarding Complete: Updates customer status and logs completion

Real-time Order Processing

Process orders immediately when webhooks are received

Use Case

Automatically process orders, update inventory, and notify relevant teams when webhook events are received from e-commerce platforms, payment processors, or order management systems.

Webhook Configuration

{
  "requestMethod": "POST",
  "path": "order-created",
  "authentication": "secret",
  "requestHeaders": {
    "Content-Type": "application/json",
    "X-Platform": "shopify",
    "X-Event": "order.created"
  }
}

Processing Steps

Webhook receives order creation event from e-commerce platform
Order data is extracted and validated from request body
Inventory is automatically updated based on order items
Order confirmation emails are sent to customers
Warehouse teams are notified of new orders
Order status is tracked and updated in real-time

Best Practices

Do's

• Use descriptive and unique paths for each webhook
• Implement authentication for sensitive webhook endpoints
• Include relevant custom headers for context
• Use HTTPS endpoints for secure communication
• Monitor webhook performance and reliability
• Implement proper error handling in workflows
• Use appropriate HTTP methods for your use case

Don's

• Don't use generic paths like "webhook" or "api"
• Avoid leaving webhooks unauthenticated for sensitive data
• Don't ignore webhook security best practices
• Avoid creating webhooks without proper error handling
• Don't use GET for webhooks that modify data
• Avoid exposing webhook endpoints without rate limiting
• Don't forget to validate incoming webhook data

Security

• Always use HTTPS for webhook endpoints
• Implement secret-based authentication when possible
• Validate webhook signatures from trusted services
• Use unique, unpredictable webhook paths
• Implement rate limiting to prevent abuse
• Monitor webhook access and usage patterns
• Regularly rotate authentication secrets

💡

Pro Tip: When designing webhook endpoints, think about the external service that will be calling them. Use descriptive paths, implement proper authentication, and include relevant headers to make integration as smooth as possible. Remember that webhooks are the entry point to your workflows, so security and reliability are paramount.

Troubleshooting

Common Issues

Webhook Not Triggering

Symptoms: External service sends requests but workflow doesn't start

Solution: Verify the webhook URL is correct, check authentication settings, and ensure the webhook node is properly configured in your workflow. Test the endpoint manually to confirm it's accessible.

Authentication Failures

Symptoms: Webhook requests are rejected with authentication errors

Solution: Check that the authentication method matches what the external service is sending. For secret-based authentication, verify the secret is correctly configured and being sent in the request.

Data Not Available in Workflow

Symptoms: Workflow starts but can't access webhook data

Solution: Check the webhook node's output fields are properly connected to downstream nodes. Verify that the external service is sending data in the expected format and that the webhook is configured to accept the correct HTTP method.

Endpoint Not Accessible

Symptoms: External service cannot reach the webhook endpoint

Solution: Check network configuration, firewall settings, and ensure the webhook endpoint is publicly accessible. Verify the URL generated by the dynamic documentation is correct and accessible from the internet.

Webhook

Node Type

Category

Icon

Overview

Key Features

Prerequisites

Infrastructure Requirements

Security Considerations

Technical Requirements

Node Configuration

Required Fields

Request Method

Path

Optional Fields

Authentication

Request Headers

Technical Details

Webhook Trigger Process

Request Reception

Trigger Execution

Data Processing

Header Merging

Error Handling

Data Validation

Dynamic Documentation

URL Generation

Path Cleaning

Method Display

Examples & Use Cases

GitHub Integration

Stripe Payment Webhook

Form Submission Webhook

Simple GET Webhook

Workflow Examples

Automated Customer Onboarding

Workflow Structure

Webhook Configuration

Implementation Steps

Real-time Order Processing

Use Case

Webhook Configuration

Processing Steps

Best Practices

Do's

Don's

Security

Troubleshooting

Common Issues

Webhook Not Triggering

Authentication Failures

Data Not Available in Workflow

Endpoint Not Accessible

Related Resources