Webhooks
Webhooks push signed HTTP POST requests to your server when something important happens—new messages, delivery updates, or device status changes—so you do not have to poll.Set up a webhook
Add your URL
In the dashboard open Developers → Webhooks and add an HTTPS endpoint, or create one with the API (below).
Manage webhooks with the API
| Action | Method | Endpoint |
|---|---|---|
| List | GET | /api/v1/webhooks/subscriptions |
| Create | POST | /api/v1/webhooks/subscriptions |
| Get | GET | /api/v1/webhooks/subscriptions/{id} |
| Update | PATCH | /api/v1/webhooks/subscriptions/{id} |
| Delete | DELETE | /api/v1/webhooks/subscriptions/{id} |
| Delivery history | GET | /api/v1/webhooks/subscriptions/{id}/events |
| Test endpoint | POST | /api/v1/webhooks/subscriptions/{id}/ping |
client.webhook_subscriptions (Python) and client.webhookSubscriptions (Node).
Security
Payloads are signed with HMAC-SHA256. Always verify against the raw body bytes, not a re-serialized JSON string. Delivery headers:X-Wazzapi-Signature—sha256=<hex digest>of the body using your webhook secretX-Wazzapi-Event— event nameX-Wazzapi-Event-ID— unique delivery id (use for idempotency)
Node.js
Python
Events you can subscribe to
| Event | When it fires |
|---|---|
message.received | Someone messaged your linked number |
message.sent | WhatsApp accepted your outbound message |
message.delivered | The recipient’s device got the message |
message.read | The recipient opened the message |
message.failed | Outbound send failed |
device.connected | A device is healthy again |
device.disconnected | A device dropped or needs attention |