Webhook

Estimated reading: 5 minutes

Overview

The Webhook action lets Advanced Form Integration (AFI) send your form submissions to any external URL as an outgoing HTTP request. Whenever a connected form is submitted, AFI builds a request (with your chosen method, headers, body, and authentication) and posts it to the endpoint you specify. This is the universal connector: if a service accepts incoming webhooks or has a REST API, you can reach it even when there is no dedicated AFI integration for it.

Common uses include sending leads to a custom API, triggering an automation in tools like Make or n8n, posting to a serverless function, or relaying data to an in-house application. The Webhook action is a PRO feature.

What You Can Configure

  • HTTP method: POST, GET, PUT, PATCH, or DELETE.
  • Destination URL, with merge tags supported.
  • Content type: JSON or form-urlencoded.
  • Authentication: Basic, Bearer token, API key (header or query), or a custom header.
  • Headers and body, using either a key/value builder or raw JSON.
  • HMAC request signing (optional) so the receiver can verify the payload.
  • A Send test request button to verify everything before saving.

Step 1: Choose the Webhook Action

Create or edit an integration, set up your trigger (the form whose data you want to send), then in the Action section:

  1. In the Action > Platform dropdown, select Webhook [PRO]. If you do not see it, activate it on the plugin settings page first.
  2. In the Task dropdown, select Send Data to Webhook.
3 Action Platform Webhook [PRO] Task Send Data to Webhook Choose “Webhook [PRO]” as the platform, then the “Send Data to Webhook” task.

Step 2: Set the Method and URL

Pick the HTTP Method the endpoint expects (POST is the most common for sending data), then enter the destination URL. The URL must start with http:// or https://. You may include merge tags in the URL if the endpoint needs a dynamic value.

Request HTTP Method POST GET . PUT . PATCH . DELETE URL https://api.example.com/leads

Note: for GET and HEAD requests, AFI automatically moves the data to the query string instead of the body, so the request is well-formed.

Step 3: Content Type and Authentication

Set the Content Type to match what the endpoint expects. application/json sends a JSON body, and application/x-www-form-urlencoded sends classic form-style data.

Then choose an Authentication method. AFI adds the correct header (or query parameter) for you:

  • None / Legacy: no auth, or the older username|password field for existing setups.
  • Basic Auth: enter a username and password.
  • Bearer Token: sends Authorization: Bearer <token>.
  • API Key: send a named key either as a header or as a query parameter.
  • Custom Header: any header name and value you need.
Content type & Authentication Content Type application/json Authentication Bearer Token None . Basic . Bearer . API Key . Custom Header Token sk_live_8a2c9f1e4b7d6033

Step 4: Build the Headers and Body

Both Headers and Body offer two modes. Use the link above each field to switch between them:

  • Key/value builder: add rows of name and value. This is the easiest way to construct a payload, and merge tags work in the values.
  • Raw JSON: paste a complete JSON object. Useful for complex or nested payloads.

If you leave the body empty, AFI sends the entire form submission as the payload. Add rows (or raw JSON) only when you want to control the exact shape and field names.

Body Use raw JSON Leave empty to send the whole submission. Merge tags allowed in values. FIELD NAME VALUE email {{email}} × full_name {{your-name}} × + Add field Tip: switch to “Use raw JSON” if you prefer pasting a full JSON body instead of rows.

Step 5: Sign the Request (Optional)

If the receiving endpoint verifies signatures, enable HMAC signing. Enter a Secret, choose the Header name the receiver expects, and pick the Algorithm (sha256, sha1, or sha512). AFI computes a hash of the request body and adds it as the chosen header, in the format algorithm=signature. Leave the secret empty to disable signing.

Sign request (HMAC) OPTIONAL Secret whsec_3f8a1c9e2b4d Header X-AFI-Signature Algorithm sha256 value: algo=signature

Step 6: Send a Test Request

Before saving, click Send test request to fire the configured request immediately. AFI uses a small sample payload (merge tags resolve to sample values), so this checks your URL, authentication, and headers without needing a real submission. The response appears right below, showing the method, URL, status code, and the response body.

Test Send test request Sends the request now with a small sample payload (merge tags resolve to sample values). POST https://api.example.com/leads Status: 200 OK { “id”: 4821, “status”: “created” }

Step 7: Save

Apply Conditional Logic if you only want to send certain submissions, then click Save Integration. From now on, every matching form submission is sent to your endpoint automatically.

Reliability Notes

  • If the endpoint returns HTTP 429 (rate limited), AFI retries once, honoring the Retry-After header.
  • The destination URL is validated, so only http and https addresses are allowed.
  • If you use raw JSON for headers or body and the JSON is invalid, the request is stopped and the error is recorded in the integration log instead of sending a broken request.
  • Every request and its response are saved to the AFI log, so you can review what was sent and what came back.
Receiver Platforms - Previous Wealthbox CRM Next - Receiver Platforms WebinarJam