Creating webhooks to interact with third-party systems

Available on all Suite plans Available on all Support plans

Quick Look: Admin Center > Apps and integrations > Actions and webhooks > Webhooks

A webhook sends an HTTP request to a specified URL in response to activity in Zendesk Support. For example, you can configure a webhook to send requests when a user is deleted or a new ticket is created.

Web developers typically use webhooks to invoke behavior in another system. For example, you can use webhooks to:

Alert your team in Slack when an urgent ticket is created
Pass ticket details to your docs team in Asana after a ticket is resolved
Notify your own back-end service about an important ticket event

You must be an admin or an agent in a custom role with permission to create webhooks. Trial accounts are limited to a maximum of 10 webhooks and a rate limit of 60 invocations per minute.

This article covers the following topics:

About webhooks
Creating a webhook
Testing a webhook

About webhooks

There are two ways to connect a webhook to activity in Zendesk Support:

Subscribe the webhook to one or more Zendesk events. Use this connection method to send requests based on organization, user, agent availability, help center, or community activity. For a list of supported event types, see Webhook event types in the API reference.
Connect the webhook to a trigger or automation. Use this connection method to send requests based on ticket activity.

A webhook that's subscribed to a Zendesk event can't connect to a trigger or automation. Similarly, a webhook that's connected to a trigger or automation can't subscribe to Zendesk events. You can't change an existing webhook's connection method.

Important: A best attempt is made to deliver webhook events for actions in Zendesk to users as near to real-time as possible. However, sometimes there is a delay.

Subscribing to Zendesk events

A webhook that's subscribed to one or more Zendesk events always sends requests using the POST HTTP method. The request includes a JSON payload that contains the event's data. You can't change the HTTP method or the payload for the request. For more information about event payload schemas, see Webhook event types in the API reference.

Connecting to triggers or automations

If a webhook is connected to a trigger or automation, you can customize the HTTP method, format, and content of the webhook's requests. You select the HTTP method and request body format when you create the webhook. Webhooks connected to a trigger or automation support the following request body formats:

JSON
XML
Form-encoded content

You define the request's content when you connect the webhook to a trigger or automation. For webhooks that use the POST, PUT, or PATCH HTTP method with a JSON or XML request format, the content is the request payload. Webhooks using other HTTP methods or formats don't include a request payload. Instead, you can add custom URL parameters as an array of two key-value strings. When defining the request payload or URL parameters, you can use any of the available content placeholders to insert ticket data into the request.

The webhook's request payload or URL parameters must be less than 256 KB.

Webhook ordering and retries

When an event, trigger, or automation invokes a webhook, it queues the webhook job to be run but doesn't actually run the job immediately. Because webhook jobs are run independently, there is no guarantee that webhooks are executed in a particular order.

Webhook requests are automatically retried up to three times if the endpoint returns certain HTTP response codes. Unlike targets, consecutive failed requests won't deactivate webhooks. For more information and examples of retry scenarios, see Monitoring webhooks in our developer documentation.

Creating a webhook

You can create a webhook in Admin Center.

To create a webhook

In Admin Center, click Apps and integrations in the sidebar, then select Actions and webhooks > Webhooks.
Click Create webhook.
- To subscribe the webhook to one or more Zendesk events, select Zendesk events and select one or more event types from the dropdown.
- To connect the webhook to a trigger or automation, select Trigger or Automation.
Click Next.
Enter a Name and Description for the webhook.
Enter the Endpoint URL that is used to integrate with the third-party service or system. See Webhook endpoints.
When setting up a webhook to integrate with a third party, you may need to consult the third party's documentation.
Select the webhook's Request method and Request format.
Select the Authentication method for the webhook and provide any additional information required. See Authenticating your webhook.
(Optional) Click Add header to add a custom header, and then enter a Header name and Value. To add up to four more headers, click Add another header. See Custom webhook headers.
Note: Don't put sensitive information in your custom headers.
(Optional) Click Test webhook to ensure it's working as expected.
Click Create webhook to create the webhook.
For trigger and automation webhooks, you must connect the webhook to a trigger or automation. See Connect the webhook to a Support trigger or automation. After connecting the trigger or automation, return to the Create webhook page and click Finish setup.

After you've created the webhook, you can view its details, subscriptions, and activity from the Webhooks page in Admin Center. See Managing webhooks.

Webhook endpoints

Webhooks send requests to the endpoint URL that you specify when creating them. The endpoint URL uses the following format: https://www.yourdomain.com/path.

Although it isn't required, the use of secure HTTP (HTTPS) is recommended. By providing a secure endpoint URL, you can enable authentication and pass data safely.

Custom webhook headers

Custom headers provide a way to include additional information in the request your webhook sends and can make it easier to connect to some third-party services that have unique webhook header requirements. Note the following requirements and limitations for custom headers:

To use custom headers, you must use a secure (HTTPS) endpoint URL.
Don't include authentication credentials or other sensitive information in custom headers. Instead, use the supported authentication methods.
Header names must be unique and can't have more than 128 characters. All alphanumeric US ASCII characters are supported, as well as the following symbols: !, #, $, %, &, ', *, +, -, ., ^, _, `, |, and ~.
Header values can be up to 1,000 characters in length and support all US ASCII characters from 0x20 to 0x7E.
The following headers aren't supported:
- accept-charset
- accept-encoding
- connection
- content-encoding
- content-length
- content-md5
- content-type
- date
- expect
- forwarded
- host
- keep-alive
- max-forwards
- origin
- proxy-authenticate
- referer
- server
- te
- trailer
- transfer-encoding
- upgrade
- user-agent
- via
- www-authenticate
- zendesk-api-version
- zendesk-ep
Additionally, headers can't start with the following prefixes:
- access-control
- x-amzn
- x-apigw
- x-datadog
- x-envoy
- x-forwarded
- x-zendesk

Authenticating a webhook

If your webhook is integrating with a secure endpoint, you have three options for authenticating the webhook and the data it sends. You may want to reference third-party documentation about your endpoint's authentication requirements or work with a developer on your team to determine the correct authentication method for your webhook.

None required: No authentication is configured or required.
API key: Use an API key to authenticate the webhook.
Basic authentication: Use a username and password to authenticate the webhook.
Bearer token: Use an OAuth access token to authenticate the webhook.

If your developers want more information about webhook authentication, see Webhook security and authentication.

For additional security, you can also verify the webhook's signature. For more informaiton, see Verifying webhook authenticity.

Connect a webhook to a trigger or automation

To invoke a trigger and automation webhook, you must first connect it to a trigger or automation. The triggers and automations specify the circumstances under which the webhook should be invoked.

To connect a webhook to a Support trigger

In Admin Center, click Objects and rules in the sidebar, then select Business rules > Triggers.
Create a new trigger or edit an existing one by hovering your mouse pointer over the options icon () and clicking Edit.
Under Actions, click Add action. Select Notify webhook and then select your webhook.
Enter the webhook's request payload or URL parameters, depending on the webhook's request format. The payload or parameters must be less than 256 KB.
Click Save.

To connect a webhook to a Support automation

In Admin Center, click Objects and rules in the sidebar, then select Business rules > Automations.
Create a new automation or edit an existing one by hovering your mouse pointer over the options icon () and clicking Edit.
Under Perform these actions, click the add action icon (). Select Notifications: Notify webhook and then select your webhook.
Enter the webhook's request payload or URL parameters, depending on the webhook's request format. The payload or parameters must be less than 256 KB.
Click Submit.

Testing a webhook

In Admin Center, you have the option to test the webhook with different event sources as well as requests. In addition to accessing existing webhooks specifically for testing, you can also test the webhook during creation or editing.

To test a webhook

In Admin Center, click Apps and integrations in the sidebar, then select Actions and webhooks > Webhooks.
Find the webhook in the list, click the options menu icon () on the webhook's row, and then click Test webhook.
In the Test webhook panel, select an event to test. This is a sample request that you can use to test your endpoint URL.
Enter the details of your test request—request body, parameters, or headers.
Click Send test. The response is visible in the panel below your test request.