Skip to main content
WEBHOOK

Headers

X-Wazzapi-Signature
string
required

HMAC-SHA256 signature of the raw request body using your webhook secret. Verify the exact body bytes before parsing JSON.

Example:

"sha256=4e710b7fb7f5fa8ef4c8c9c7c4a28d9f6d8eb83ca8012f1d64d0170dc0f7f7d4"

X-Wazzapi-Event
string
required

Webhook event type for quick routing before inspecting the JSON payload.

Example:

"message.received"

X-Wazzapi-Event-ID
string<uuid>
required

Stable delivery attempt identifier that you can use for idempotency and tracing.

Body

application/json

Standard envelope for every webhook delivery sent by Wazzapi to your endpoint.

id
string<uuid>
required

Payload identifier generated for this webhook body.

event_type
enum<string>
required

Webhook event name you subscribed to.

Available options:
device.connected
timestamp
string<date-time>
required

UTC timestamp when Wazzapi created the webhook payload.

organization_id
string<uuid>
required

Organization that owns the event and webhook subscription.

webhook_id
string<uuid>
required

Webhook subscription identifier that produced the delivery.

data
object
required

Device lifecycle payload. Some message-oriented fields remain present for envelope consistency and may be empty strings or nulls.

Response

Acknowledge delivery. Any 2xx response marks the attempt as successful.