Kudowall

Webhooks Documentation

Real-time event notifications for your testimonial workflow. Get instant updates when testimonials are created, approved, or when forms are submitted.

Real-time Events
Secure Authentication
HTTPS Only

Available Events

Subscribe to these events to stay updated on changes in your workspace. All events for the same entity type share the same payload structure.

Testimonial Events

All testimonial events share the same payload structure with complete testimonial data

testimonial.created

Fired when a new testimonial is submitted through any channel (forms, API, or direct submission).

testimonial.approved

Fired when a testimonial is approved and ready to be displayed.

testimonial.rejected

Fired when a testimonial is rejected and won't be displayed.

testimonial.updated

Fired when a testimonial is edited or updated.

Form Events

Form events include both form configuration and response data when applicable

form.submitted

Fired when a testimonial form is submitted by a customer. Includes both form configuration and response data.

form.published

Fired when a testimonial collection form is published and made available to customers.

Widget Events

Widget events include complete widget configuration data

widget.published

Fired when a testimonial display widget is published for embedding on websites.

Authentication Options

Configure authentication to secure your webhook endpoints and verify requests are from authorized sources.

Available Authentication Methods

Choose the authentication method that best fits your infrastructure

Basic Authentication

Standard HTTP Basic Authentication with username and password. Credentials are base64 encoded and sent in the Authorization header.

Authorization: Basic base64(username:password)

Bearer Token

Send a bearer token in the Authorization header. Ideal for services that support token-based authentication.

Authorization: Bearer your-token-here

JWT Token

Generate and sign JWT tokens with your secret key. Supports HS256, HS384, HS512, RS256, RS384, RS512, PS256, PS384, PS512, ES256, ES384, and ES512 algorithms.

Authorization: Bearer <generated-jwt-token>

Custom Header

Add any custom header with your authentication credentials. Flexible for various API requirements.

X-Custom-Auth: your-value-here

Query Parameter

Append authentication credentials as URL query parameters. Useful for services that don't support headers.

https://your-endpoint.com/webhook?api_key=your-key

No Authentication

For development or internal endpoints. Ensure your endpoint has other security measures in place.

Always use HTTPS endpoints to ensure your authentication credentials are encrypted in transit.

Testing Webhooks

Test your webhook integration before going to production.

Testing Your Integration

Test Events from Dashboard

Send test events directly from your dashboard:

  • Go to Dashboard → Settings → Webhooks
  • Click "Test Webhook" next to your endpoint
  • Select an event type to send a test payload
  • Verify your endpoint receives and processes the event

Troubleshooting

Quick solutions to common webhook issues.

Not receiving webhooks?

Check the Activity tab in your dashboard to see delivery attempts and error messages. Make sure your endpoint uses HTTPS (not HTTP) and is publicly accessible.

Getting timeout errors?

Your endpoint must respond with HTTP 200 within 5 seconds. Check for slow database queries, external API calls, or heavy processing that might be delaying your response.

Authentication errors?

Double-check your authentication configuration in the webhook settings. For Bearer tokens and API keys, ensure they're still valid and haven't expired.