Receiving messages via webhooks

Webhooks send real-time HTTP notifications to your server when events happen in AIsoule.

What are webhooks?

Instead of polling the API repeatedly, webhooks push data to your server instantly when:

A new message arrives
A message is delivered or read
A contact is created or updated
A campaign completes
An agent transfer happens

Setting up a webhook

Go to Settings → Webhooks
Click "New Webhook"
Configure:
- Name — Descriptive name (e.g., "CRM Sync")
- URL — Your server endpoint (must be HTTPS)
- Events — Select which events to receive
- Secret — Auto-generated HMAC secret for verification
Click Save

Available events

Event	Triggered when
`message.incoming`	New message received from customer
`message.sent`	Message sent successfully
`message.delivered`	Message delivered to recipient
`message.read`	Message read by recipient
`message.failed`	Message delivery failed
`contact.created`	New contact added
`contact.updated`	Contact data changed
`campaign.completed`	Campaign finished sending
`transfer.created`	Agent transfer initiated

Webhook payload format

{
  "event": "message.incoming",
  "timestamp": "2026-05-29T10:30:00Z",
  "data": {
    "message_id": "wamid.xxx",
    "from": "+919876543210",
    "contact_name": "John Doe",
    "type": "text",
    "text": "Hello, I need help with my order",
    "whatsapp_account_id": "uuid"
  }
}

Verifying webhook signatures

Every webhook request includes an HMAC-SHA256 signature in the X-Webhook-Signature header.

To verify:

Get the raw request body
Compute HMAC-SHA256 using your webhook secret
Compare with the X-Webhook-Signature header

import hmac, hashlib

def verify_signature(body, signature, secret):
    expected = hmac.new(secret.encode(), body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, signature)