Managing your Webhooks
How do I manage my Webhooks?
In order to be able to manage Webhooks through our API, please contact our sales team to enable that functionality on your account.
Authentication
All webhook endpoints require a valid API key passed via the Authorization header. If you don't have a valid API key, please contact our sales team.
Rate Limits
| Endpoint | Rate Limit |
|---|---|
| Create a Webhook | 5 requests per hour |
| All other endpoints | 120 requests per minute |
Limits
Each API key can have a maximum of 10 webhooks.
Event Types
The following event types are currently available for webhooks:
| Value | Label |
|---|---|
clientview_updated | Triggers when a ClientView Updated |
incremental_update | Triggers with each Incremental Update |
series_updated | Triggers when a Series is updated |
You can also retrieve the list of available event types programmatically via GET /api/v2/webhooks/event-types.
Webhook Object
| Field | Type | Description |
|---|---|---|
id | integer | Unique identifier for the webhook. |
url | string | The URL that will receive webhook deliveries. |
event_type | string | The event type this webhook is subscribed to. |
active | boolean | Whether the webhook is currently active. At creation, this will be automatically enabled. |
is_test | boolean | Whether this is a test webhook. Test webhooks do not receive production deliveries. |
header_name | string | Name of the authentication header sent with each delivery. |
prefix | string | Prefix prepended to the auth secret in the header value (e.g. Bearer). |
masked_auth_secret | string | Masked version of the auth secret, showing only the last 4 characters (e.g. ****7890). |
created_at | datetime | Timestamp of when the webhook was created. |
Webhook Actions
Create a Webhook
API Reference: https://docs.daloopa.com/reference/create_webhook
curl --request POST \
--url https://app.daloopa.com/api/v2/webhooks \Creates a new webhook for the authenticated user.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
url | string | Yes | The URL that will receive webhook deliveries. |
event_type | string | Yes | One of the available event types. See the Event Types section for more information. |
is_test | boolean | Yes | Set to true to create a test webhook that won't receive production deliveries. |
header_name | string | No | Name of the authentication header to include in deliveries. (e.g, Authorization, X-API-KEY) |
prefix | string | No | Prefix for the auth secret value (e.g. Bearer). |
auth_secret | string | No | Secret value used for authenticating deliveries. Stored encrypted; only the last 4 characters are visible after creation. |
Example Request
{
"url": "https://example.com/webhook",
"event_type": "clientview_updated",
"is_test": false,
"header_name": "Authorization",
"prefix": "Bearer",
"auth_secret": "my-secret-token"
}Response 201 Created
Returns the created Webhook object.
Errors
| Status | Description |
|---|---|
400 Bad Request | Invalid or missing required fields. |
403 Forbidden | Webhook limit reached (max 10 per API key), rate limit reached or account not enabled. |
List your Webhooks
API Reference: https://docs.daloopa.com/reference/list_webhooks
curl --request GET \
--url https://app.daloopa.com/api/v2/webhooks \Returns all webhooks owned by the authenticated user. Supports pagination and filtering.
Query Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
event_type | string | No | Filter by event type. |
is_test | boolean | No | Filter by test/production webhooks. |
active | boolean | No | Filter by active/inactive webhooks. |
limit | integer | No | Maximum number of results to return. |
offset | integer | No | Number of results to skip for pagination. |
Response 200 OK
{
"count": 2,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"url": "https://example.com/webhook",
"event_type": "clientview_updated",
"active": true,
"is_test": false,
"header_name": "Authorization",
"prefix": "Bearer",
"masked_auth_secret": "****oken",
"created_at": "2025-01-15T10:30:00Z"
}
]
}Retrieve a Webhook
API Reference: https://docs.daloopa.com/reference/retrieve_webhook
curl --request GET \
--url https://app.daloopa.com/api/v2/webhooks/{id} \Returns a single webhook by its ID.
Path Parameters
| Parameter | Type | Description |
|---|---|---|
id | integer | The webhook ID. |
Response 200 OK
Returns the Webhook object.
Errors
| Status | Description |
|---|---|
404 Not Found | Webhook does not exist or does not belong to the authenticated user. |
Update a Webhook
API Reference: https://docs.daloopa.com/reference/update_webhook
curl --request PATCH \
--url https://app.daloopa.com/api/v2/webhooks/{id} \Updates an existing webhook. Only the fields you include in the request body will be modified. At least one field must be provided.
Path Parameters
| Parameter | Type | Description |
|---|---|---|
id | integer | The webhook ID. |
Request Body
All fields are optional, but at least one must be provided.
Field | Type | Description |
|---|---|---|
| string | The new delivery URL. |
| string | The new event type. |
| boolean | Whether this is a test webhook. |
| boolean | Whether the webhook is active. |
| string | New authentication header name. |
| string | New auth secret prefix. |
| string | New auth secret value. This value will be encrypted |
Example Request
{
"url": "https://example.com/new-webhook-endpoint",
"active": false
}Response 200 OK
Returns the updated Webhook object.
Errors
| Status | Description |
|---|---|
400 Bad Request | No fields provided or invalid field values. |
404 Not Found | Webhook not found. |
Delete a Webhook
API Reference: https://docs.daloopa.com/reference/delete_webhook
curl --request DELETE \
--url https://app.daloopa.com/api/v2/webhooks/{id} \Permanently deletes a webhook. This action cannot be undone.
Path Parameters
| Parameter | Type | Description |
|---|---|---|
id | integer | The webhook ID. |
Response 204 No Content
No response body.
Errors
| Status | Description |
|---|---|
404 Not Found | Webhook not found. |
List Event Types
API Reference: https://docs.daloopa.com/reference/list_webhook_types
curl --request GET \
--url https://app.daloopa.com/api/v2/webhooks/event-types \Returns the list of supported webhook event types.
Response 200 OK
[
{ "value": "clientview_updated", "label": "Clientview Updated" },
{ "value": "incremental_update", "label": "Incremental Update" },
{ "value": "series_updated", "label": "Series Updated" }
]List Webhook Deliveries
curl --request GET \
--url https://app.daloopa.com/api/v2/webhooks/deliveries \Returns delivery history of webhooks registered under the authenticated user in reverse chronological order. Supports pagination and filtering.
Query Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
webhook_id | integer | No | Filter deliveries by a specific webhook. |
is_test | boolean | No | Filter by test or production deliveries. |
limit | integer | No | Maximum number of results to return (default: 500, max: 500). |
offset | integer | No | Number of results to skip for pagination. |
Response 200 OK
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"timestamp": "2025-01-15T10:30:00Z",
"event_type": "clientview_updated",
"company_id": 12345,
"response_status": 200,
"response_body": "OK",
"is_test": false,
"duration_ms": 142
}
]
}Delivery Object
| Field | Type | Description |
|---|---|---|
id | integer | Unique identifier for the delivery. |
timestamp | datetime | When the delivery was sent. |
event_type | string | The event type that triggered the delivery. |
company_id | integer | The company ID associated with the event. |
response_status | integer or null | HTTP status code returned by the endpoint. null if the request failed (e.g. timeout). |
response_body | string or null | Truncated response body from the endpoint. |
is_test | boolean | Whether this was a test delivery. |
duration_ms | integer or null | Round-trip time in milliseconds. |
FAQ
Is the auth_secret stored securely?
auth_secret stored securely?Yes. The auth_secret is stored encrypted. After creation, only the last 4 characters are visible via the masked_auth_secret field (e.g. ****oken).
What happens when I hit the webhook limit?
The POST /api/v2/webhooks endpoint returns 403 Forbidden with a message indicating the limit of 10 webhooks has been reached.
Can I deactivate a webhook without deleting it?
Yes. Send PATCH /api/v2/webhooks/{id} with {"active": false}. The webhook will stop receiving deliveries but can be reactivated later by setting active back to true.
What does a null response status on a delivery mean?
null response status on a delivery mean?It means the request failed before receiving a response — typically a timeout or a connection error. Check the response_body field for the specific error message.
Updated about 5 hours ago