Webhook configuration
Configure each webhook in Settings → Webhooks. Options below apply when creating or editing a webhook.
Payload URL
Section titled “Payload URL”The HTTPS endpoint where webhook payloads are sent. Must be publicly accessible.
Example: https://api.example.com/webhooks/subnoto
Content type
Section titled “Content type”- application/json — Payload in the request body as JSON
- application/x-www-form-urlencoded — Payload in a form field (see Payloads)
Secret (optional)
Section titled “Secret (optional)”A secret key used to generate HMAC signatures. If set, requests include an X-Webhook-Signature header so you can verify authenticity.
Recommendation: Always set a secret and verify signatures in production.
SSL verification
Section titled “SSL verification”By default, Subnoto verifies SSL certificates when delivering payloads. Disabling verification is not recommended.
Events
Section titled “Events”- All events — Receive every envelope event
- Individual events — Choose only the events you need:
ENVELOPE_CREATED,ENVELOPE_SENT,ENVELOPE_OPENED,ENVELOPE_SIGNED,ENVELOPE_COMPLETED,ENVELOPE_DECLINED,ENVELOPE_CANCELED
Workspaces
Section titled “Workspaces”- All workspaces — Events from every workspace in your team
- Specific workspaces — Limit this webhook to selected workspaces
Active status
Section titled “Active status”When enabled, the webhook receives events. When disabled, it does not fire.