Enterprise Webhooks
Get notified in real-time when things happen in your enterprise account! Webhooks send HTTP notifications to your servers whenever important events occur, so you can integrate Axie Studio with your existing systems.
What Are Webhooks?
Webhooks are like phone calls from Axie Studio to your server. When something happens (like a team member is added), we send a notification to your URL so you can react to it automatically.
Why Use Enterprise Webhooks?
Automate Your Workflows
- Sync with CRM: Automatically create leads when forms are submitted
- Update Databases: Save team member changes to your database
- Send Notifications: Alert your team in Slack, Teams, or Discord
- Trigger Actions: Start processes in other systems automatically
Real-Time Integration
- Instant Notifications: Get notified immediately when events happen
- No Polling Needed: We push data to you, you don't need to check constantly
- Reliable Delivery: Automatic retries if your server is temporarily down
- Secure: Every webhook is signed so you know it's from us
How Webhooks Work
The Flow
1. Event Happens (e.g., team member added)
↓
2. Axie Studio Sends HTTP POST to Your URL
↓
3. Your Server Receives the Webhook
↓
4. You Process the Data
↓
5. You Respond (200 OK = success)
Example:
- Sarah adds Mike to the team
- Axie Studio sends webhook to
https://your-server.com/webhooks/team - Your server receives:
{ "event": "user.created", "data": { "email": "mike@company.com" } } - Your server creates Mike in your CRM
- Your server responds:
200 OK - Done! Mike is now in your CRM automatically.
Setting Up Your First Webhook
Step 1: Go to Webhooks Page
- Go to Dashboard → Enterprise → Webhooks
- You'll see the webhooks management page
What You'll See:
- Header with "Webhooks" title and total count
- Stats cards showing: Total, Active, Inactive, Events
- List of your webhooks (empty if this is your first)
- "Create" button to add a new webhook
Step 2: Click "Create"
- Click the "Create" button
- The Create Webhook dialog opens
Step 3: Configure Your Webhook
Required Fields:
Webhook URL:
- Your server endpoint that will receive webhooks
- Must start with
https://(required for security) - Example:
https://your-server.com/api/webhooks/axie
Events:
- Select which events you want to receive
- You can select multiple events
- Available events:
user.created- New team member addeduser.updated- Team member profile updateduser.deleted- Team member removedrole.changed- Team member role changedenterprise.created- Enterprise account createdenterprise.updated- Enterprise settings updatedsettings.updated- Enterprise settings changed
Optional Fields:
Secret:
- Leave blank to auto-generate a secure secret
- Or enter your own secret (must be at least 32 characters)
- Used to verify webhooks are from Axie Studio
Active Status:
- Toggle to enable/disable the webhook
- Disabled webhooks won't send notifications
Example Configuration:
URL: https://your-server.com/api/webhooks/axie
Events:
☑ user.created
☑ user.updated
☑ user.deleted
☑ role.changed
Secret: [Leave blank to auto-generate]
Active: ☑ Enabled
Step 4: Save Your Webhook
- Click "Create Webhook"
- Your webhook is created!
- Important: Copy the webhook secret - you'll need it to verify webhooks
- The secret is shown only once for security
What Happens Next:
- Webhook appears in your list
- Starts sending notifications immediately (if active)
- You'll receive an email confirmation
Managing Your Webhooks
View All Webhooks
On the Webhooks page, you'll see:
- List of all webhooks with their status
- Search bar to find specific webhooks
- Filter buttons to show All, Active, or Inactive webhooks
For Each Webhook, You Can See:
- URL endpoint
- Number of events subscribed
- Active/Inactive status
- Created date
- Quick actions (Edit, Test, View History, Delete)
Edit a Webhook
- Click "Edit" on any webhook
- Update URL, events, or active status
- Click "Save"
- Changes take effect immediately
What You Can Change:
- Webhook URL
- Subscribed events (add or remove)
- Active status (enable/disable)
Note: You can't change the secret after creation. Use "Rotate Secret" to generate a new one.
Test a Webhook
Test your webhook to make sure it's working:
- Click "Test" on any webhook
- Axie Studio sends a test webhook to your URL
- Check your server logs to see if it received it
- You'll see the test result in the interface
Test Payload:
{
"event": "webhook.test",
"timestamp": "2025-11-23T10:30:15Z",
"version": "v1",
"enterpriseId": "ent_abc123",
"data": {
"message": "This is a test webhook"
}
}
View Delivery History
See all webhook deliveries and their status:
- Click "View History" on any webhook
- See list of all deliveries:
- Success: Webhook delivered successfully (200 response)
- Failed: Webhook failed (non-200 response or timeout)
- Pending: Webhook is being retried
For Each Delivery, You Can See:
- Event type
- Delivery time
- Status (Success/Failed/Pending)
- Response code
- Response time
- Retry attempts
Replay Failed Deliveries:
- Click "Replay" on any failed delivery
- Webhook is sent again immediately
- Useful if your server was down temporarily
Rotate Webhook Secret
Generate a new secret for security:
- Click "Rotate Secret" on any webhook
- New secret is generated
- Important: Copy the new secret immediately
- Update your server to use the new secret
- Old secret stops working after rotation
When to Rotate:
- If secret is compromised
- As part of regular security maintenance
- When team members with secret access leave
Delete a Webhook
- Click "Delete" on any webhook
- Confirm deletion
- Webhook is permanently removed
- No more notifications will be sent
Permanent Action
Deleting a webhook stops all notifications immediately. Make sure you really want to delete it!
Webhook Events
Available Events
Team Member Events:
user.created- New team member added to enterpriseuser.updated- Team member profile or settings updateduser.deleted- Team member removed from enterpriserole.changed- Team member role changed (Owner/Admin/User)
Enterprise Events:
enterprise.created- Enterprise account createdenterprise.updated- Enterprise settings or configuration updatedsettings.updated- Enterprise settings changed
Coming Soon:
- Chat interface events
- Document upload events
- API key events
Webhook Payload Format
Standard Payload Structure
Every webhook follows this format:
{
"event": "user.created",
"timestamp": "2025-11-23T10:30:15Z",
"version": "v1",
"enterpriseId": "ent_abc123",
"data": {
// Event-specific data here
}
}
Fields:
event: The event type (e.g., "user.created")timestamp: When the event happened (ISO 8601 format)version: API version (currently "v1")enterpriseId: Your enterprise IDdata: Event-specific information
Event-Specific Payloads
user.created
{
"event": "user.created",
"timestamp": "2025-11-23T10:30:15Z",
"version": "v1",
"enterpriseId": "ent_abc123",
"data": {
"userId": "user_xyz789",
"email": "john@company.com",
"name": "John Smith",
"role": "user",
"invitedBy": "sarah@company.com",
"invitedByEmail": "sarah@company.com"
}
}
user.updated
{
"event": "user.updated",
"timestamp": "2025-11-23T10:30:15Z",
"version": "v1",
"enterpriseId": "ent_abc123",
"data": {
"userId": "user_xyz789",
"email": "john@company.com",
"name": "John Smith",
"role": "user",
"updatedFields": ["name", "role"]
}
}
user.deleted
{
"event": "user.deleted",
"timestamp": "2025-11-23T10:30:15Z",
"version": "v1",
"enterpriseId": "ent_abc123",
"data": {
"userId": "user_xyz789",
"email": "john@company.com",
"deletedBy": "sarah@company.com"
}
}
role.changed
{
"event": "role.changed",
"timestamp": "2025-11-23T10:30:15Z",
"version": "v1",
"enterpriseId": "ent_abc123",
"data": {
"userId": "user_xyz789",
"email": "john@company.com",
"oldRole": "user",
"newRole": "admin",
"changedBy": "sarah@company.com"
}
}
Webhook Security
Verifying Webhooks
Every webhook includes a signature so you can verify it's from Axie Studio:
Headers:
X-Webhook-Event: user.created
X-Webhook-Signature: sha256=abc123...
X-Webhook-Timestamp: 1732294800
User-Agent: AxieStudio-Webhook/1.0
How to Verify:
- Get the signature from
X-Webhook-Signatureheader - Get the timestamp from
X-Webhook-Timestampheader - Get the raw request body
- Create HMAC-SHA256 hash using your webhook secret
- Compare with the signature
Example Code (Node.js):
const crypto = require('crypto');
function verifyWebhook(req, secret) {
const signature = req.headers['x-webhook-signature'];
const timestamp = req.headers['x-webhook-timestamp'];
const body = JSON.stringify(req.body);
// Create expected signature
const expectedSignature = crypto
.createHmac('sha256', secret)
.update(body)
.digest('hex');
// Compare signatures
return signature === `sha256=${expectedSignature}`;
}
Why Verify:
- Prevents fake webhooks from malicious actors
- Ensures data integrity
- Protects your system
HTTPS Requirement
All webhook URLs must use HTTPS:
- Required for security
- Protects data in transit
- Industry standard
If you need HTTP for testing:
- Use a local tunnel service (ngrok, localtunnel)
- Or test with HTTPS endpoint
Webhook Delivery & Retries
How Deliveries Work
- Event happens → Webhook is queued
- Immediate attempt → We send to your URL
- If successful (200 response) → Done!
- If failed → We retry automatically
Retry Logic
We automatically retry failed webhooks:
Attempt 1: Immediate
Attempt 2: 2 seconds later
Attempt 3: 4 seconds later
Attempt 4: 8 seconds later
Attempt 5: 16 seconds later
Max: 5 attempts total
What Counts as Success:
- HTTP 200 response
- Response within 30 seconds
What Counts as Failure:
- Non-200 response (400, 500, etc.)
- Timeout (no response in 30 seconds)
- Connection error
After 5 Failed Attempts:
- Webhook is marked as failed
- You can replay it manually from delivery history
- No more automatic retries
Common Integrations
Slack Integration
Step 1: Create Slack Webhook
- Go to https://api.slack.com/apps
- Create new app or select existing
- Enable "Incoming Webhooks"
- Add webhook to workspace
- Copy webhook URL
Step 2: Configure in Axie Studio
- Create webhook in Axie Studio
- URL: Your Slack webhook URL
- Events: Select events you want
- Save
Step 3: Format for Slack (Optional) You may need a middleware to format messages for Slack. Or use Zapier (see below).
Microsoft Teams Integration
Step 1: Create Teams Webhook
- Go to Teams channel
- Click "..." → Connectors
- Add "Incoming Webhook"
- Configure and copy URL
Step 2: Configure in Axie Studio
- Create webhook in Axie Studio
- URL: Your Teams webhook URL
- Events: Select events you want
- Save
Zapier Integration (No-Code)
Step 1: Create Zapier Webhook
- Go to Zapier
- Create new Zap
- Trigger: "Webhooks by Zapier" → "Catch Hook"
- Copy webhook URL
Step 2: Configure in Axie Studio
- Create webhook in Axie Studio
- URL: Your Zapier webhook URL
- Events: Select events you want
- Save
Step 3: Configure Zapier Action
- Add action in Zapier
- Choose destination (Slack, Email, Database, etc.)
- Map webhook data to action
- Test and activate
Benefits:
- No coding required
- Connect to 1000+ apps
- Easy to set up
Custom Server Integration
Example Endpoint (Node.js/Express):
const express = require('express');
const crypto = require('crypto');
const app = express();
app.use(express.json());
app.post('/webhooks/axie', (req, res) => {
// Verify webhook signature
const secret = process.env.WEBHOOK_SECRET;
const signature = req.headers['x-webhook-signature'];
if (!verifyWebhook(req, secret)) {
return res.status(401).send('Invalid signature');
}
// Process webhook
const { event, data } = req.body;
switch (event) {
case 'user.created':
// Add user to your CRM
addUserToCRM(data);
break;
case 'user.updated':
// Update user in your CRM
updateUserInCRM(data);
break;
// ... handle other events
}
// Always respond 200
res.status(200).json({ received: true });
});
function verifyWebhook(req, secret) {
const signature = req.headers['x-webhook-signature'];
const body = JSON.stringify(req.body);
const expected = crypto
.createHmac('sha256', secret)
.update(body)
.digest('hex');
return signature === `sha256=${expected}`;
}
app.listen(3000);
Best Practices
1. Always Verify Signatures
- Never trust webhooks without verification
- Use the webhook secret to verify signatures
- Reject webhooks with invalid signatures
2. Respond Quickly
- Respond within 30 seconds
- Process webhooks asynchronously if needed
- Return 200 OK immediately, then process
3. Handle Failures Gracefully
- Log all webhook deliveries
- Monitor for failures
- Replay failed webhooks when your server is back up
4. Keep Secrets Secure
- Store webhook secrets securely
- Never commit secrets to code
- Rotate secrets regularly
5. Test Your Endpoints
- Use the "Test" button to verify your endpoint works
- Test with different event types
- Verify signature validation works
Troubleshooting
Webhook Not Receiving Events
Check:
- ✅ Webhook is active (not disabled)
- ✅ Events are selected correctly
- ✅ URL is correct and accessible
- ✅ Server is responding with 200 OK
Solution:
- Test webhook using "Test" button
- Check delivery history for errors
- Verify your server is accessible from internet
Webhook Signature Verification Failing
Check:
- ✅ Using correct webhook secret
- ✅ Comparing signatures correctly
- ✅ Using raw request body (not parsed)
- ✅ HMAC-SHA256 algorithm
Solution:
- Copy webhook secret again (use "Rotate Secret" if needed)
- Verify your verification code matches examples
- Check that you're using the raw body, not parsed JSON
Webhooks Timing Out
Check:
- ✅ Server responds within 30 seconds
- ✅ No long-running operations in webhook handler
- ✅ Server is not overloaded
Solution:
- Process webhooks asynchronously
- Return 200 OK immediately
- Do heavy processing in background job
Delivery History Shows Failures
Check:
- ✅ Server is running and accessible
- ✅ Server returns 200 OK
- ✅ No errors in server logs
Solution:
- Check server logs for errors
- Fix any issues in your webhook handler
- Replay failed deliveries after fixing
Next Steps
Ready to set up webhooks? Go to Dashboard → Enterprise → Webhooks → Create!