Webhook Configuration
Configure incoming webhooks for post-call events, scheduling, Stripe, and platform integrations
Overview
The platform receives incoming webhooks from several external services to keep data in sync and trigger automated workflows. This page covers the available webhook endpoints, how to configure them, and security considerations.
Webhook Endpoints
| Endpoint | Source | Purpose |
|---|---|---|
/webhooks/elevenlabs | ElevenLabs | Post-call events, transcript updates, recording status |
/webhooks/cal-com | Cal.com | Booking confirmations, cancellations, reschedules |
/webhooks/stripe | Stripe | Payment events, invoice status, subscription changes |
/webhooks/ghl | GoHighLevel | Contact updates, pipeline changes |
/webhooks/meta-leadgen | Meta | Lead form submissions from Facebook/Instagram ads |
/webhooks/recording-status | Twilio | Call recording completion and availability |
/integrations/cloudflare/pages-webhook | Cloudflare | Pages deployment success/failure notifications |
/debug/client-report | Client Debug Reporter | Client-submitted bug reports with screenshots, browser events, and metadata |
/debug/screenshots/:token | Client Debug Reporter | Serve compressed page screenshots (read-only, token-gated) |
ElevenLabs Webhook
Receives post-call events from the voice AI platform:
- Configure the webhook URL in your ElevenLabs agent settings
- Set the callback URL to:
https://YOUR_API_HOST/webhooks/elevenlabs - The platform processes call outcomes, transcripts, and recording URLs
ElevenLabs webhooks may include sensitive call data. Ensure the endpoint is only accessible over HTTPS.
Cal.com Webhook
Syncs booking events with the platform:
- In Cal.com, go to Developer → Webhooks
- Add the endpoint:
https://YOUR_API_HOST/webhooks/cal-com - Subscribe to:
BOOKING_CREATED,BOOKING_CANCELLED,BOOKING_RESCHEDULED - Set the webhook secret for signature verification
The platform uses booking webhooks to:
- Track booked appointments as conversions
- Associate bookings with the originating call or campaign
- Update agent metrics and conversion rates
Stripe Webhook
Essential for billing operations. See Billing Setup for the full configuration guide.
Key events to subscribe to:
invoice.created,invoice.finalized,invoice.paid,invoice.payment_failedcharge.succeeded,charge.refundedcustomer.subscription.created,customer.subscription.updated,customer.subscription.deletedproduct.created,price.created(for catalog sync)
# Webhook signing secret
STRIPE_WEBHOOK_SECRET=whsec_...
Meta Lead Gen Webhook
Receives lead form submissions from Meta Ads:
- Set
META_WEBHOOK_VERIFY_TOKENto a random value you control - In the Meta app webhook settings, set the callback URL to:
https://YOUR_API_HOST/webhooks/meta-leadgen
- Subscribe the app to Page
leadgenevents - In the admin, use Leads → Subscribe to activate lead form subscriptions for each Page
Production webhook POSTs require x-hub-signature-256 signed with META_WEBHOOK_APP_SECRET. Unsigned webhooks are only accepted in local development when no webhook app secret is configured.
GoHighLevel Webhook
Receives contact and pipeline updates from GHL:
- In GHL, configure the webhook in Settings → Integrations → Webhooks
- Point to:
https://YOUR_API_HOST/webhooks/ghl - The platform processes contact updates and syncs them with client records
Cloudflare Pages Webhook
Records deployment success/failure for bound websites:
CLOUDFLARE_PAGES_WEBHOOK_SECRET=your_shared_secret
Send the secret in one of these headers:
Authorization: Bearer <SECRET>x-affinity-webhook-secret: <SECRET>x-cloudflare-webhook-secret: <SECRET>
Security
All webhook endpoints implement verification:
| Webhook | Verification Method |
|---|---|
| Stripe | Stripe-Signature header with HMAC |
| Meta | x-hub-signature-256 with app secret |
| Cal.com | Webhook secret signature |
| ElevenLabs | API key or signature header |
| Cloudflare | Shared secret via header |
Never disable webhook verification in production. Always use HTTPS endpoints and keep webhook secrets out of version control.
Troubleshooting
| Issue | Resolution |
|---|---|
| Webhook returns 401 | Signature verification failed — check the webhook secret |
| Webhook returns 403 | Verify token doesn't match (Meta) |
| Events not processing | Check that the webhook is subscribed to the correct events |
| Duplicate processing | Ensure the same webhook isn't registered multiple times |
| Stripe events delayed | Check Stripe Dashboard for delivery status and retry logs |
