Webhooks & Zapier Integration¶
Wanderbolt.AI provides outbound webhooks to connect your agency with automation platforms like Zapier, Make (Integromat), or your own custom systems. When key events occur in Wanderbolt, an HTTP POST request is sent to your configured URL with event data.
[!NOTE] Webhooks are available exclusively for Agency subscriptions.
Getting Started¶
- Navigate to Agency Dashboard → Webhook / Zapier (or go to
/portal/agency/webhooks) - Click Add Webhook
- Select an event type and enter your target URL (e.g., your Zapier trigger URL)
- Click Add Webhook to save
Supported Event Types¶
| Event | Description |
|---|---|
submission.created |
New questionnaire submission received |
submission.matched |
Submission linked to a client |
client.created |
New client created |
client.updated |
Client profile updated |
trip.created |
New trip created |
trip.status_changed |
Trip status updated |
booking.created |
New booking added to trip |
booking.updated |
Booking details modified |
payment.due_soon |
Payment due within 7 days |
payment.marked_paid |
Payment milestone marked as paid |
brief.generated |
Travel brief generation completed |
brief.delivered |
Travel brief marked as delivered |
Webhook Payload Format¶
All webhooks are sent as POST requests with a JSON body:
{
"event": "client.created",
"timestamp": "2026-01-15T20:16:52.044554+00:00",
"data": {
"client_id": 123,
"first_name": "John",
"last_name": "Doe",
"email": "[email protected]"
},
"meta": {
"agency_id": 1,
"user_id": 3,
"delivery_id": "NJdhoxiZAjwwZeqQPARYNg"
}
}
Verifying Webhook Signatures¶
Each webhook includes an HMAC-SHA256 signature in the X-Wanderbolt-Signature header. Use your secret key (found in webhook settings) to verify authenticity:
import hmac
import hashlib
def verify_signature(payload_body, signature_header, secret_key):
expected = 'sha256=' + hmac.new(
secret_key.encode('utf-8'),
payload_body,
hashlib.sha256
).hexdigest()
return hmac.compare_digest(expected, signature_header)
HTTP Headers¶
| Header | Description |
|---|---|
Content-Type |
application/json |
User-Agent |
Wanderbolt-Webhook/1.0 |
X-Wanderbolt-Event |
Event type (e.g., client.created) |
X-Wanderbolt-Delivery-ID |
Unique delivery identifier |
X-Wanderbolt-Signature |
HMAC-SHA256 signature (if secret configured) |
Managing Webhooks¶
From the webhook settings page you can:
- Test - Send a test payload to verify connectivity
- Edit - Change the target URL
- View Secret - See the HMAC signing key
- Regenerate Secret - Generate a new signing key (invalidates old one)
- Delete - Remove the webhook subscription
Zapier Integration Example¶
- In Zapier, create a new Zap with Webhooks by Zapier as the trigger
- Select "Catch Hook" and copy the webhook URL
- In Wanderbolt, add a webhook with the Zapier URL as the target
- Click Test to send a sample payload
- In Zapier, test the trigger to see the data structure
- Add your desired actions (create a Google Sheet row, send a Slack message, etc.)
Troubleshooting¶
- 405 Method Not Allowed: Your target URL doesn't accept POST requests
- 401/403 Errors: Your target requires authentication; use Zapier or a proxy
- Timeouts: Webhooks timeout after 30 seconds; ensure your endpoint responds quickly
- No delivery showing: Check that the event is configured and the action was triggered
API Endpoints¶
For programmatic webhook management, see the API Documentation.
| Method | Endpoint | Description |
|---|---|---|
GET |
/api/webhooks/ |
List all subscriptions |
POST |
/api/webhooks/ |
Create subscription |
PATCH |
/api/webhooks/<event_type> |
Update subscription |
DELETE |
/api/webhooks/<event_type> |
Delete subscription |
POST |
/api/webhooks/test/<event_type> |
Send test webhook |
GET |
/api/webhooks/events |
List available event types |
GET |
/api/webhooks/deliveries |
List recent deliveries |