search

Webhooks

hashtag
Overview

Webhooks provide real-time notifications when events occur in the Form Platform.

hashtag
Webhook Events

hashtag
Available Events

  • response.created - New form submission

  • event.view - Form page viewed

  • event.focus - Field focused

  • event.submit - Form submitted

  • event.error - Validation error

  • event.abandon - Form abandoned

hashtag
Webhook Configuration

hashtag
Create Webhook

POST /webhooks
{
  "formId": "form_123",
  "event": "response.created",
  "url": "https://example.com/webhook",
  "secret": "whsec_optional_secret"
}

hashtag
Webhook Settings

  • URL: Endpoint to receive webhooks

  • Event: Event type to subscribe to

  • Secret: HMAC secret for verification

  • Enabled: Enable/disable webhook

hashtag
Webhook Payload

hashtag
OpenTelemetry Format

hashtag
Legacy Format

For backwards compatibility, legacy fields included:

  • type: Event type

  • form_id: Form ID

  • response_id: Response ID

  • timestamp: ISO timestamp

  • data: Event data

hashtag
Signature Verification

hashtag
HMAC Signature

Webhooks include HMAC SHA-256 signature:

Header: X-Webhook-Signature

hashtag
Verification

hashtag
Webhook Delivery

hashtag
Retry Logic

  • Automatic retries with exponential backoff

  • Maximum 3 retry attempts

  • Dead-letter queue for failures

hashtag
Delivery Status

  • Success: 200-299 status codes

  • Failure: 4xx, 5xx status codes

  • Retry: Automatic retry on failure

hashtag
Best Practices

hashtag
Webhook Endpoint

  • Return 200 quickly

  • Process asynchronously

  • Idempotent processing

  • Log all webhooks

hashtag
Security

  • Always verify signatures

  • Use HTTPS endpoints

  • Validate payload structure

  • Rate limit webhook processing

hashtag
Next Steps

  • API Reference - API reference

  • Security - Security best practices

PreviousWorkspace EnvironmentsNextAnalytics

Last updated