Skip to content
English
Home
  • There are no suggestions because the search field is empty.

Set up webhooks for your organization

Connect external systems to receive real-time events from Avoma. Settings → Organization → Developer

Webhooks let you automate workflows by sending real-time notifications to external systems whenever specific events happen in Avoma, such as when meeting notes are ready or when a meeting is scheduled through your scheduler.

This guide shows how to set up your signing secret, create webhooks, and manage them going forward.

Before you begin

  • You must have Admin privileges in Avoma.
  • Your organization must be on an Organization or Enterprise plan. Webhooks are not available on the Startup plan.
  • You need an external endpoint (your server’s URL) that can receive and process webhook events.

Key sections

Set up signing secrets

A signing secret is a secure key that Avoma uses to sign webhook payloads. Your server can verify this signature to confirm that webhook events truly came from Avoma and haven’t been tampered with.

How It Works: The HMAC-SHA256 Signature

Here's the step-by-step process:

On Avoma's side (when sending a webhook):

  1. Avoma takes the raw webhook payload (the JSON data about the event)
  2. Avoma uses your signing secret + a special algorithm called HMAC-SHA256 to create a unique fingerprint of that data
  3. This fingerprint is placed in a header called X-Avoma-Signature and sent along with the webhook
  4. Your server receives both the payload AND this signature header

On your server's side (when receiving a webhook):

  1. You receive the webhook payload and the X-Avoma-Signature header
  2. You take the same signing secret and the same payload and run it through the same HMAC-SHA256 algorithm
  3. Your server generates its own signature fingerprint
  4. You compare your generated signature with the one Avoma sent in the header
  5. If they match → The webhook is authentic and untouched ✅
  6. If they don't match → Either the data was tampered with, or it's a fake webhook ❌

How to generate a signing secret

1. Go to Settings → Organization → Developer.

2. Click the Webhooks tab.


Settings → Organization → Developer page with the Webhooks tab highlighted

Settings → Organization → Developer page with the Webhooks tab highlighted

3. In the “Webhook Signing Secret” section, click Generate.


Webhook Signing Secret section with the Generate button visible and the info icon

Webhook Signing Secret section with the Generate button visible and the info icon

4. A confirmation dialog appears. Click Generate again to confirm.

Avoma webhook generation: Confirmation dialog with the warning text and Generate button

Confirmation dialog with the warning text and 'Generate' button

5. Your new secret is displayed and masked with dots. Click the eye icon to reveal it, or click Copy to copy it to your clipboard.

Avoma Signing secret displayed with masked dots, showing the eye icon and Copy button

Signing secret displayed with masked dots, showing the eye icon and Copy button

6. Share this secret with your development team or paste it into your webhook processing code. Treat it like a password—never share it publicly.

Tips

  • Keep your signing secret safe. If you believe it’s been compromised, regenerate it immediately and update your server.
  • Use the signing secret to validate webhook events. Your server should compute an HMAC-SHA256 signature of the incoming payload and verify it matches the X-Avoma-Signature header.

Create your first webhook

Webhooks connect Avoma events to your external systems. You define which event triggers the webhook and where to send the data.

Add a webhook

1: Go to Settings → Organization → Developer and click the Webhooks tab.

2: Click Add webhook.

Avoma Webhooks tab showing the empty state or existing webhooks list with the Add webhook button

Webhooks tab showing the empty state or existing webhooks list with the Add webhook button

3. In the Name field, enter a descriptive name for this webhook—for example, “Sales meetings AI Notes Sync” or “Sales calls booked via scheduler”

4. In the Trigger event dropdown, select the event that should activate this webhook. Common options include:

  • AI notes ready — fires when Avoma generates meeting notes
  • Meeting booked via scheduler — fires when a meeting is scheduled through Avoma Scheduler
  • Meeting canceled via scheduler — fires when a scheduled meeting is canceled
  • Meeting rescheduled via scheduler — fires when a scheduled meeting’s date or time changes

5. Below the trigger event, you’ll see a sample payload. This shows what data your server will receive. Review it to understand the event structure.

Avoma Webhook creation dialog

Webhook creation dialog showing the Name field, Trigger event dropdown with an option selected, and sample payload preview below with Copy button

6. In the Target URL field, enter your server’s endpoint—the URL where Avoma will send webhook events. Only HTTPS is supported as of now due to security reasons.

7. In the Webhook trigger scope section, choose who can trigger this webhook:

  • All members — Selected trigger event from any organization member will trigger this webhook (default)
  • Only members in specific teams — Only events from users in selected teams will trigger this webhook

Avoma webhook creation dialouge

Webhook creation dialog showing the Target URL input field and Webhook trigger scope section with All members and specific teams radio button options

8. (Optional) Click Show Advanced Options to add custom headers. Use this if your server needs custom headers for authentication or routing with each webhook request.

9. Review all your settings and click Add webhook.

Avoma webhook advanced options

Webhook creation dialog with Advanced Options section expanded, showing custom header input fields for Header Name and Header Value with Delete button

 

NOTE:  Avoma will not send webhook events if your target URL returns an error or doesn’t respond within a reasonable time. Test your endpoint before deploying.

Tips

  • Choose a descriptive webhook name that identifies its purpose and destination. This makes it easier to manage as you add more webhooks.
  • If you only need to monitor meetings from specific teams, use the scope selector to limit unnecessary requests.
  • Start with a single webhook to test the integration. Once it’s working, add more as needed.

Manage webhooks

Once webhooks are set up, you can edit, test, or delete them anytime.

Edit a webhook

1. Go to Settings → Organization → Developer and click the Webhooks tab.

2. Find the webhook in the list and click the pencil icon.

Avoma Webhooks list showing multiple webhooks with the pencil icon in the Actions column

Webhooks list showing multiple webhooks with the pencil icon in the Actions column

3. Update any field: name, trigger event, target URL, scope, or headers.

4. Click Save and apply. Your webhook is now using the updated settings.

Avoma Webhook edit dialog showing updated fields with the Save and apply button

Webhook edit dialog showing updated fields with the Save and apply button

NOTE:  Editing a webhook does not affect other webhooks. Changes take effect immediately.

Delete a webhook

1. Find the webhook in the list and click the trash icon.

Avoma Webhooks list with the trash/delete icon visible in the Actions column

Webhooks list with the trash/delete icon visible in the Actions column

2. A confirmation dialog shows the webhook name, target URL, and trigger event. Review to confirm this is the right webhook.

3. Click Delete. The webhook is permanently removed and will no longer send events.

delete webhook dialougeDelete confirmation dialog showing the webhook name, target URL, trigger event, and Delete button with warning text

Important:  Deleting a webhook is permanent. Any external systems depending on it will stop receiving events. Be sure to have a replacement webhook ready or notify your team of the change.

 

Common questions

What happens if my server doesn’t respond to a webhook?

Avoma will retry the webhook request a limited number of times. If your server is down or slow, events may not be delivered. Check your server logs and endpoint availability.

Can I send webhooks for only certain teams?

Yes. When creating or editing a webhook, use the Webhook trigger scope section to select specific teams. The webhook will only fire for events from members in those teams.

How do I know if a webhook was triggered?

Check your server logs. Avoma sends HTTP POST requests to your target URL. If the webhook fires but your server doesn’t process it, you’ll see the request in your logs but no downstream action will occur. Also check that your Target URL is correct and your endpoint is responding with a success status code.

Can I add custom headers to secure my webhooks?

Yes. Click Show Advanced Options when creating or editing a webhook. Add headers like Authorization with a Bearer token or a custom API key. Your server can check these headers to validate that the request came from Avoma.

What’s the difference between the signing secret and custom headers?

Signing secret — Avoma signs the entire request body using your secret. Your server cryptographically verifies the signature to confirm the payload is authentic and unmodified. Custom headers — These are additional headers (like an API token) you add to each webhook request for your server to validate. Use these for simple authentication or routing. For maximum security, use both.

How many webhooks can I create?

The maximum number of webhooks per event type depends on your plan. Check your plan details in Avoma or contact our support team for more details.

Can I test a webhook before deploying?

Yes. Use a free online webhook testing tool to create a temporary endpoint, add a webhook pointing to it, trigger an event in Avoma, and see the payload in the service’s dashboard. This confirms the structure and content before integrating with your real system.

Related articles