DocumentationAPI Reference

Creating and monitoring webhooks

A webhook sends an HTTP request to a specified URL in response to activity in Zendesk Support. For example, you can configure a webhook to send requests when a user is deleted or a new ticket is created. You can manage webhooks using Admin Center or the Webhooks API.

Connection methods

There are two ways to connect a webhook to activity in Zendesk Support:

  • Subscribe the webhook to one or more Zendesk events. Use this connection method to send requests based on organization or user activity. For a list of supported event types, see Webhook event types in the API reference.

  • Connect the webhook to a trigger or automation. Use this connection method to send requests based on ticket activity.

Important: A webhook that's subscribed to a Zendesk event can't connect to a trigger or automation. Similarly, a webhook that's connected to a trigger or automation can't subscribe to Zendesk events. You can’t change an existing webhook’s connection method.

Creating a webhook

To create a webhook using the API, make a request to the Create or Clone Webhook endpoint. In the request body, specify the following parameters:

  • A name for the webhook. The name doesn't need to be unique
  • A status indicating whether the webhook is "active" or "inactive"
  • An array of event subscriptions for the webhook. To subscribe the webhook to Zendesk events, specify one or more event types. For supported event type values, see Webhook event types. To connect the webhook to a trigger or automation, specify only "conditional_ticket_events" in the array.
  • An endpoint URL. The webhook sends requests to this URL
  • An http_method for the webhook's requests. To subscribe the webhook to Zendesk events, this must be "POST"
  • A request_format for the webhook's requests. To subscribe the webhook to Zendesk events, this must be "json"

You can also specify an optional authentication parameter. The parameter adds basic or bearer authentication to the webhook's requests. For more information, see Webhook security and authentication.

The following request creates a webhook that's subscribed to two Zendesk events: User created and Organization created. The request's subscriptions parameter is highlighted.

curl -X POST https://{subdomain}.zendesk.com/api/v2/webhooks \  -u {email_address}:{password} \  -H "Content-Type:application/json" \  -d '{    "webhook": {      "name": "WEBHOOK_NAME",      "status": "active",      "endpoint": "DESTINATION_URL",      "http_method": "POST",      "request_format": "json",      "subscriptions": [        "zen:event-type:user.created",        "zen:event-type:organization.created"      ],      "authentication": {        "type": "bearer_token",        "data": {          "token": "TOKEN"        },        "add_position": "header"      }    }  }'

The following request creates a webhook that can be connected to a trigger or automation.

curl -X POST https://{subdomain}.zendesk.com/api/v2/webhooks \  -u {email_address}:{password} \  -H "Content-Type:application/json" \  -d '{    "webhook": {      "name": "WEBHOOK_NAME",      "status": "active",      "endpoint": "DESTINATION_URL",      "http_method": "POST",      "request_format": "json",      "subscriptions": [        "conditional_ticket_events"      ],      "authentication": {        "type": "bearer_token",        "data": {          "token": "TOKEN"        },        "add_position": "header"      }    }  }'

If successful, the request's response contains a unique id for the webhook.

{  "webhook": {    "id": "01GD0NSM4FV0YVJ535XBA3X0XV",    "name": "WEBHOOK_NAME",    ...  }}

Connecting a webhook to a trigger or automation

To connect a webhook to a trigger or automation, use the respective trigger or automation actions property's "notification_webhook" field. This field's value is an array of two strings specifying the webhook's id and the request's content.

For webhooks that use the POST, PUT, or PATCH HTTP method with a JSON or XML request format, the content is the request payload. The following action property adds a JSON request payload.

{  "actions": [    {      "field": "notification_webhook",      "value": ["123ABC", "{\"foo\": \"bar\"}\n"]    }  ]}

Webhooks using other HTTP methods or formats don't include a request payload. Instead, you can add custom URL parameters as an array of two key-value strings. For example, the following action property adds the ?foo=bar&baz=qux URL parameters.

{  "actions": [    {      "field": "notification_webhook",      "value": [        "123ABC",        [          ["foo", "bar"],          ["baz", "qux"]        ]      ]    }  ]}

For more information about the actions property for trigger and automation objects, see Actions reference.

Cloning a webhook

To clone an existing webhook using the API, make a Create or Clone Webhook request. In the request, use the clone_webhook_id URL parameter to specify a webhook to clone. Don't include a request body.

curl -X POST 'https://{subdomain}.zendesk.com/api/v2/webhooks?clone_webhook_id={webhook_id}' \  -u {email_address}:{password}

A cloned webhook has a unique id but uses the same name as the original webhook. You can specify a new name using an Update Webhook request. Cloned webhooks aren't connected to any triggers or automations upon creation.

Monitoring webhooks

Note: The activity log for webhooks is in an open beta. If your account moves to a different pod for any reason, all webhook activity logs for the last seven dates are deleted.

An activity log captures all activity and the status of each invocation for each webhook in the last seven days:

GET /api/v2/webhooks/{webhook_id}/invocations/

You can filter the list in a variety of ways. For example, to see a record of all failed invocations in the last seven days, add the parameter filter[status] to your request:

GET /api/v2/webhooks/{webhook_id}}/invocations?filter[status]=failed

Webhook retry logic

If the first attempt isn't successful, webhook invocations are retried up to three times if the server receiving the request returns an HTTP error code response of 409. Additionally, HTTP error code responses of 429 and 503 are retried if they contain a retry-after header with a value that is less than 60 seconds from the time the response is received. Webhook requests that time out are retried up to five times. Consecutive failed requests won't deactivate the webhook but could trigger the webhook circuit breaker.

Each invocation of a webhook has a unique id that can be used to get detailed information about the attempts made for that invocation:

GET /api/v2/webhooks/{webhook_id}/invocations/{invocation_id}/attempts

Webhook circuit breaker

The webhook circuit breaker is designed to avoid bombarding broken endpoints with requests and is triggered under the following conditions:

  • Within a five-minute period, 70% of a webhook's requests result in errors.
  • A webhook receives more than 1,000 error responses within a five-minute period.

Note: The circuit breaker won't trigger if a webhook sends fewer than 100 requests within a five-minute period, regardless of the error rate.

When the circuit breaker triggers for a webhook, the webhook can't send requests for five seconds, even if an event or business rule would otherwise trigger it. After five seconds, the webhook can be triggered to send its request to the target endpoint. If that request receives an error response, the circuit breaker is triggered again for five seconds. This cycle continues until a successful request is sent, at which point the circuit breaker resets.

Each invocation attempt during the five-second circuit breaker pause is logged with a status of circuit broken.