Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.politicalcomms.com/llms.txt

Use this file to discover all available pages before exploring further.

1

Open the Webhooks admin

From the dashboard, go to Admin → Webhooks in the left navigation menu.
2

Add an endpoint

Click Add Endpoint and configure:
  • Endpoint name - A descriptive label (e.g. “CRM sync - production”).
  • HTTPS URL - Your receiving endpoint. Must be HTTPS in production.
  • Event subscriptions - Tick the events you want to receive. You can subscribe to one or many.
3

Copy and store the signing secret

Copy the webhook signing secret and store it securely (a secret manager, not source control). You will need it to validate signatures. The secret is shown only once.
4

Send a test webhook

Click Send Test Webhook to verify end-to-end delivery. Your endpoint should return 200 within 10 seconds.

Receiving payloads

Webhooks arrive as POST requests with Content-Type: application/json. The body is JSON; the headers tell you what kind of event, when it occurred, and how to validate the signature. 
POST /your-webhook-endpoint HTTP/1.1
Host: your-domain.com
Content-Type: application/json
X-Webhook-Signature: sha256=abc123...
X-Event-Type: message.delivered
X-Event-ID: msg_7f8a9b0c1d2e3f4g
X-Timestamp: 1705488600
The payload body and per-event examples are documented on the event types page.

Where to go next

Validate signatures

HMAC-SHA256 validation pattern + Node.js example.

Retry policy

What happens if your endpoint is unavailable.