In Webhook mode, WSAPI Cloud sends events to a public endpoint you specify via HTTP POST requests with a JSON payload.Configuration
| Field | Description | Required |
|---|
| Webhook URL | Your public HTTPS endpoint that will receive events | Yes |
| Event Signature Secret | Secret used to sign webhook events for verification | Recommended |
Always configure signature verification for webhook events to validate the legitimacy of incoming webhook calls. Without it, anyone who discovers your webhook URL could send fake events.
How it works
- An event occurs on your WhatsApp instance (e.g., new message received)
- WSAPI sends a POST request to your webhook URL with the event payload
- Your server processes the event and returns a
200 response
See the Events overview for payload formats and delivery details. In pull mode, your application connects to WSAPI using Server-Sent Events (SSE). This eliminates the need for a public endpoint to receive webhooks.Configuration
| Field | Description | Required |
|---|
| Event Signature Secret | Secret used to sign webhook events for verification | Recommended |
In SSE mode, signing events is still recommended to ensure the integrity of the event stream. Always verify signatures on incoming events to protect against tampering or spoofing.
How it works
- Your app opens a persistent SSE connection to WSAPI
- Events are streamed to your app in real time as they occur
- If the connection drops, your app reconnects and resumes
We recommend using this mode with one of our official SDKs, which include a proper SSE client implementation. If your language isn’t supported, refer to the SDK’s implementation as a reference.
Supported SDKs
