Webhooks allow external systems to receive real-time notifications when specific events occur in AethenoxAI. Instead of polling for changes, your server receives an HTTP POST request the moment something happens — a message is received, a contact is created, a call is completed, and more.
Creating a Webhook
1
Go to Automation → Webhooks
Click "Automation" in the sidebar, then select "Webhooks" from the submenu.
2
Click Create Webhook
Click the "Create Webhook" button to open the configuration form.
3
Enter the endpoint URL
Provide the HTTPS URL of your server endpoint that will receive webhook payloads. The endpoint must return a 2xx status code to acknowledge receipt.
4
Select events to subscribe to
Choose which events should trigger the webhook. You can subscribe to one or more events from the available list.
5
Save the webhook
Click "Save" to activate the webhook. AethenoxAI will begin sending events to your endpoint immediately.
Webhook Events
The following events are available for webhook subscriptions:
message.received
Triggered when an incoming message is received from a contact.
message.sent
Triggered when a message is sent to a contact.
message.delivered
Triggered when a sent message is confirmed as delivered.
message.read
Triggered when a sent message is marked as read by the contact.
call.completed
Triggered when a voice call ends successfully.
call.missed
Triggered when an incoming call is missed or unanswered.
contact.created
Triggered when a new contact is added to the system.
contact.updated
Triggered when contact information is modified.
Testing
1
Use the Test button
From the webhook detail page, click "Send Test" to send a sample payload to your endpoint.
2
Verify your endpoint responds
Check that your server receives the test payload and returns a 2xx status code. The test result is displayed in the AethenoxAI dashboard.
3
Review delivery logs
Open the "Delivery Log" tab to see recent webhook deliveries, including response status codes and any errors.
Tip
Use a tool like RequestBin or ngrok during development to inspect webhook payloads before building your production handler.
Security
Every webhook request includes a signature header to verify that the payload was sent by AethenoxAI and has not been tampered with.
1
Copy your signing secret
Each webhook has a unique signing secret. Copy it from the webhook settings page.
2
Verify the signature
AethenoxAI sends a X-Aethenox-Signature header with each request. Compute an HMAC-SHA256 hash of the request body using your signing secret and compare it to the header value.
3
Reject invalid requests
If the computed hash does not match the signature header, reject the request with a 401 status code. This ensures only authentic AethenoxAI payloads are processed.
Warning
Always verify webhook signatures in production. Without verification, a malicious actor could send forged payloads to your endpoint.