Skip to content

Webhooks & callbacks

“Webhook” means different things in CXGear depending on who is calling whom. This page separates the three patterns teams meet most often:

  1. Table ingest webhooks — your CRM calls CXGear to add rows
  2. Channel / WhatsApp webhooks — Meta (or another provider) calls CXGear about messages
  3. OAuth callbacks — the browser returns to CXGear after you connect an account

Getting the public API URL wrong breaks all three.

CXGear must advertise a stable HTTPS base URL for anything an external system calls. In deployment that is PUBLIC_API_URL (for example https://api.cxgear.ai).

UseExample
Ingest webhook pathhttps://api.cxgear.ai/api/v1/public/data-tables/ingest/{token}
WhatsApp OAuth callbackhttps://api.cxgear.ai/api/v1/channels/whatsapp/oauth/callback

If PUBLIC_API_URL is localhost in production, providers cannot reach you. See Deployment notes.

Direction: CRM / middleware → CXGear

Purpose: Append rows to a data table automatically.

Each data table can expose:

  • A URL containing an ingest token
  • Optional CRM-specific setup notes in the product UI

Your system sends HTTP POST requests with a records array. CXGear appends rows when columns match the table schema.

Screenshot needed
Ingest webhook panel showing URL and token (token partially masked if possible).
Where: Data tables → Ingest webhook
Save as: src/assets/screenshots/32-ingest-webhook.png
  1. Set metadata fields so only useful columns enter spinners.
  2. Keep the ingest token secret (rotate if it leaks).
  3. Send the same column names the table already uses.
  4. After rows land, run or trigger a published spinner.

Organization API keys can also ingest via /public/ingest when you prefer one key for many tables. See Public ingest & trigger and Ingest webhooks.

Direction: Meta (or SMS/email provider) → CXGear

Purpose: Deliver inbound messages, delivery statuses, and related events so channels and conversations stay up to date.

You configure these in the provider console (for example Meta for WhatsApp), pointing at CXGear’s API host — not the web app.

Typical setup steps:

  1. Connect WhatsApp under Integrations in CXGear.
  2. Complete Meta OAuth (see below).
  3. Ensure the webhook URL and verify token match what CXGear expects for your deployment.
  4. Subscribe only to the event types CXGear documents for WhatsApp.
Screenshot needed
WhatsApp / channel connection screen in Integrations.
Where: Integrations → WhatsApp
Save as: src/assets/screenshots/39-whatsapp-webhook-setup.png

If inbound messages never appear:

  • Confirm the provider can reach PUBLIC_API_URL over HTTPS
  • Confirm the app is live (or you are a Meta tester in development mode)
  • Check API logs for webhook verification failures

See WhatsApp (Meta).

Direction: Browser → CXGear API after the user approves access at the provider

Purpose: Finish connecting WhatsApp (and other OAuth-based integrations) without pasting long-lived tokens by hand.

For WhatsApp, the redirect URI must match exactly, including path:

https://YOUR_API_HOST/api/v1/channels/whatsapp/oauth/callback

That host must be the same value as PUBLIC_API_URL. A mismatch is the most common OAuth failure.

  • Do not invent extra scopes — CXGear requests the WhatsApp scopes it needs
  • In Meta development mode, only app admins, developers, and testers can complete login
  • After success, you should land back in CXGear with the channel connected
MechanismCredential
Org ingest / trigger APIAuthorization: Bearer cxg_…
Per-table ingest webhookToken in URL path
Provider webhooksProvider signature / verify token (not your org API key)
OAuth callbackBrowser session + provider authorization code

You usually do not put an org API key on a Meta webhook URL.

  • CRM rows appear in the data table within seconds of an event
  • WhatsApp inbound messages show up in CXGear
  • OAuth completes without “redirect URI mismatch”
  • Tokens and keys are stored securely and rotated when people leave
ProblemLikely causeWhat to do
Ingest 404Wrong or rotated tokenCopy URL again from Data tables
SCHEMA_MISMATCHPayload columns differAlign with table schema
OAuth redirect errorPUBLIC_API_URL ≠ Meta app settingMake them identical
Provider cannot reach CXGearFirewall or HTTP-only URLUse public HTTPS API host
Webhooks work in staging onlyProduction URL not updatedUpdate provider config and env