Lead Webhook
The webhook will process data for the chatbot. The webhook will publish leads and appointment records to your CRM daily in JSON format.
Configuring a Webhook
To configure a webhook, you need to have access to app.neoagent.co (contact support at app.neoagent.co if you do not already have this access):
- Log in to app.neoagent.co and click on Workspace.
- Enter the URL of the configured webhook endpoint in the Webhook tab.
- Click Save.
Once the webhook URL is entered, the webhook signing key is generated automatically.
Receiving Endpoint
Trust the authenticity of your webhooks using the webhook signing key mentioned above, a unique secret key shared between your application and app.neoagent.co, to verify the events sent to your endpoints. The webhook signing key will produce the X-Webhook-Signature, which you can use to compare with an expected webhook signature, to verify events coming from app.neoagent.co.
X-Webhook-Signature
When app.neoagent.co sends a webhook to your app, it will include the X-Webhook-Signature header in the following format:
X-Webhook-Signature: t=1492774577,v1=5257a869e7ecebeda32affa62cdca3fa51cad7e77a0e56ff536d0ce8e108d8bd
Compare the X-Webhook-Signature, prefixed by v1=, with the expected signature. If they match, you can be assured that the event payload was issued by app.neoagent.co and has not been tampered with.
const crypto = require('crypto');
// Application webhook signing key
const webhookSigningKey = ({}).WEBHOOK_SIGNING_KEY;
// Extract the timestamp and signature from the header
const neoagentSignature = req.get('X-Webhook-Signature');
const { t, signature } = neoagentSignature.split(',').reduce((acc, currentValue) => {
const [key, value] = currentValue.split('=');
if (key === 't') {
// UNIX Timestamp
acc.t = value;
}
if (key === 'v1') {
acc.signature = value
}
return acc;
}, {
t: '',
signature: ''
});
if (!t || !signature) throw new Error('Invalid signature');
// Create the signed payload by concatenating the timestamp (t), the character '.', and the JSON payload of the request body.
const data = t + '.' + JSON.stringify(req.body);
const expectedSignature = crypto.createHmac('sha256', webhookSigningKey).update(data, 'utf8').digest('hex');
// Determine the expected signature by calculating an HMAC with the SHA256 hash function.
if (expectedSignature !== signature) {
// The signature is invalid!
throw new Error('Invalid signature');
}
Listening for Lead and Appointment Events
When an event occurs, it is notified to the configured webhook URL. Immediately sends new leads and appointments.
Notification Details - HTTP POST Request
Method: POST
Content-Type: application/json
JSON Body
Example:
{
// SerialNumber string ID Chatbot
"SerialNumber": "59001dd73709417321c58b11693183a2",
// Type string There are two types: Lead and Appointment
"Type": "Lead",
// FirstName string User's first name
"FirstName": "David",
// LastName string User's last name
"LastName": "Garcia",
// Email string User's email
"Email": "test@qq.com",
// PhoneNumber string User's phone number
"PhoneNumber": "",
// CreateTime string Creation time (UTC time)
"CreateTime": "2023-11-23T18:36:21.512302Z",
// String content Remarks or appointment content
"Content": "test",
// Session ID int Session ID
"ID session": 31305,
// String URI Source URI
"URI": "www.google.com"
}
Error, Retry
Response data: {"status":"success"} or {"status":"Success: test request received"} (case-sensitive, the returned value is necessary for a successful callback); returning other values is considered an error. After an error, retry within 1 minute and 3 minutes.