Reference
Webhooks
Subscribe to conversation and message events with HMAC-signed payloads.
Webhooks let you mirror AskAIs Customer Service events into your own systems — CRMs, analytics, Slack, anything that speaks HTTP.
Creating a webhook
Go to Settings → Webhooks → New webhook. Pick events, paste your URL, save. You'll get a secret used to sign payloads.
Event types
conversation.createdconversation.updated— status, priority, assignmentconversation.resolvedmessage.created— any message, any sendercontact.createdcontact.updated
Payload shape
POST https://your-app.com/webhooks/singlink
Content-Type: application/json
X-SingLink-Event: message.created
X-SingLink-Signature: sha256=ab12cd34...
X-SingLink-Timestamp: 1747300800
{
"id": "evt_01HX...",
"type": "message.created",
"tenantId": "tnt_01HX...",
"data": { /* event-specific payload */ }
}Verifying signatures
Compute HMAC-SHA256 over timestamp + "." + rawBody with the webhook secret. Compare to the X-SingLink-Signature header (timing-safe).
import { createHmac, timingSafeEqual } from "node:crypto";
function verify(req, secret) {
const ts = req.headers["x-singlink-timestamp"];
const sig = req.headers["x-singlink-signature"];
const expected = "sha256=" + createHmac("sha256", secret)
.update(ts + "." + req.rawBody)
.digest("hex");
return timingSafeEqual(Buffer.from(sig), Buffer.from(expected));
}Retries
We retry non-2xx responses with exponential backoff: 1s, 10s, 1m, 10m, 1h. After 5 attempts the event is marked failed; you can see failures in the admin.
Test ping
Each webhook has a Send test button that posts a dummy webhook.ping event. Useful for verifying your endpoint accepts signatures before going live.