Webhook Request

Send outbound HTTP POST webhook calls with optional HMAC signing

The Webhook Request block sends an outbound HTTP POST request to an external webhook URL. Use it to push workflow results to third-party services such as Zapier, Make, n8n, or any custom endpoint that accepts webhook payloads.

This block sends outbound webhook calls (your workflow calls an external URL). It is different from the Webhook Trigger, which listens for inbound requests that start a workflow.

Overview

Set the destination URL: Point to any endpoint that accepts HTTP POST requests

Build the JSON payload: Include data from upstream blocks using variable references like <agent.content>

Optionally sign the request: Provide an HMAC-SHA256 signing secret so the receiver can verify authenticity

Add custom headers: Include API keys, content types, or any extra headers the receiver requires

How It Works

When the block executes it:

  1. Resolves any variable references (<block.output>) in the URL, payload, and headers.
  2. Serializes the payload as JSON.
  3. If a Signing Secret is provided, computes an HMAC-SHA256 signature over the payload and attaches it as a webhook header so the receiving server can verify the request was not tampered with.
  4. Sends the POST request with Content-Type: application/json and any additional headers you configured.
  5. Returns the response data, status code, and response headers as block outputs.

Configuration

Webhook URL*
https://example.com/webhook
Payload
json
Enter JSON payload...
Signing Secret
••••••••
Additional Headers
Additional Headers
Optional custom headers to include with the webhook request

Fields

FieldRequiredDescription
Webhook URLYesThe destination endpoint. Must accept HTTP POST.
PayloadNoJSON body to send. Use <block.output> to reference upstream data.
Signing SecretNoA shared secret used to generate an HMAC-SHA256 signature header for payload verification.
Additional HeadersNoKey-value pairs appended to the request (e.g., Authorization: Bearer ...).

Outputs

OutputTypeDescription
datajsonThe parsed response body from the external endpoint
statusnumberHTTP status code returned by the endpoint
headersjsonResponse headers

Best Practices

  • Store secrets in environment variables -- reference your signing secret with {{WEBHOOK_SECRET}} instead of pasting it directly.
  • Check the status output -- use a Condition or Router block after the webhook to handle non-2xx responses gracefully.
  • Keep payloads small -- send only the data the receiver needs. Large payloads increase latency and may be rejected by some endpoints.
WaitWorkflow Block

On this page

Overview
How It Works
Configuration
Fields
Outputs
Best Practices