Webhooks

When an event occurs, and the configured rules are matched, SalesIQ Workflows can trigger one of three action types. The action types includes Deluge scripts, Flow builder (codeless), and Webhooks. 

Webhooks

Webhooks let you send real-time event data to external systems. Instead of polling an API repeatedly to check if something happened, the server (SalesIQ) sends a POST request to your specified URL as soon as the event occurs and rules match.

Webhooks are ideal for:

  • Real-time notifications
  • No polling required
  • Perfect for triggering automations in third-party tools (e.g., Slack, CRMs, ticketing systems)

Example: If a chat is rated sad, a webhook can notify your support team via Slack or create a task in your helpdesk tool.

Setup & Security

You can manage webhooks through the SalesIQ REST API.

Trusted Source Validation (Signature Verification)

Every webhook event triggered by SalesIQ is signed using the RSA Cryptosystem to ensure the integrity and authenticity of the payload.

Signature details

  • Algorithm: SHA256 with RSA
  • Encoding: Base64
  • Charset: UTF-8
  • Header: "x-siqsignature"

This signature allows your server to verify that the data received genuinely came from SalesIQ.

Working

SalesIQ generates a public/private key pair. You store the public key on your server.

  • SalesIQ generates a public/private key pair.
  • You store the public key on your server.
  • When your webhook receives a request, you:
    • Extract the x-siqsignature from the headers
    • Use the public key to verify the signature against the payload
  • If valid, you can trust the data source.

Signature header format

Copied{
  x-siqsignature: $signature
}

Webhook API endpoints

Key actionsEndpointMethodScope
Generate Public Key/api/v2/{screenname}/webhooks/{id}/keysPOSTSalesIQ.webhooks.CREATE
Delete Public Key/api/v2/{screenname}/webhooks/{id}/keys/{keyid}DELETESalesIQ.webhooks.DELETE

 

Secure Webhook Setup (Payload Structure)

To enable webhook security, you must set the secured flag to true when creating the webhook.

Example payload

Copied{
  "webhook": {
    "url": "https://your-endpoint.com",
    "secured": true
  },
  "published": true
}

This setup ensures that SalesIQ signs the data and your system validates it before processing.

Note:

  • Auto-retry count: 3 attempts, retried every 1 minute.
  • Timeout per webhook execution: 5 seconds.
  • Error log retention period: 60 days.

Trial run

Once the webhook setup is completed, click on Create. You will be redirected to the summary/preview page, where all workflow details are displayed.

To perform a trial run

  • Click on Trial run.
  • A list of events configured in your workflow will be displayed automatically.
  • Select the event you want to test.
  • A sample payload will be generated based on the selected event.
  • Click Edit to modify the payload values with data relevant to your portal.
  • Save the changes.
  • Click Run to execute the workflow.
  • The execution status will be displayed in the header.

Note:

  • Trial run executions are not recorded in workflow logs.
  • Trial runs execute the workflow in real time, and any configured actions or data updates will take effect.
  • Changes made to the payload directly affect the execution, so ensure the values are accurate.