Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.leavo.ai/llms.txt

Use this file to discover all available pages before exploring further.

Create Webhook

POST /backend/webhooks

Body Parameters

url
string
required
URL that will receive notifications
events
array
required
List of events to subscribe to
active
boolean
default:"true"
Whether webhook is active

Request Example

curl -X POST "https://api.leavo.ai/backend/webhooks" \
  -H "Authorization: Bearer your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://your-app.com/webhooks/leavo",
    "events": ["lead.created", "lead.status_changed", "message.received"],
    "active": true
  }'

Response

{
  "success": true,
  "data": {
    "id": "webhook-uuid",
    "url": "https://your-app.com/webhooks/leavo",
    "events": ["lead.created", "lead.status_changed", "message.received"],
    "active": true,
    "secret": "whsec_xxxxxxxxxxxxx",
    "created_at": "2024-01-15T10:30:00Z"
  }
}
Store the secret securely. It’s used to verify that requests actually came from Leavo.

Signature Verification

Every webhook includes an X-Leavo-Signature header. Verify it to ensure authenticity: 
const crypto = require('crypto');

function verifyWebhook(payload, signature, secret) {
  const expectedSignature = crypto
    .createHmac('sha256', secret)
    .update(payload)
    .digest('hex');

  return crypto.timingSafeEqual(
    Buffer.from(signature),
    Buffer.from(expectedSignature)
  );
}