A webhook lets MyOperator send event data to your server in real time. When a call or SMS event happens, we POST a JSON payload to a URL you provide. Your system can then record, route, or trigger workflows instantly.

Quick answer: A webhook is an automated HTTP POST from MyOperator to your endpoint whenever a subscribed event occurs.

Contents

• When to use webhooks
• How webhooks work
• Requirements
• Set up a webhook (Dashboard)
• Test your webhook
• Verify signatures (security)
• Sample payloads & code
• Troubleshooting
• FAQ
• Related articles

When to use webhooks

Use webhooks when you need near real‑time updates from MyOperator without polling the API. Example use cases:

• Push call events to your CRM and auto‑create activities.
• Trigger notifications to Slack or Teams when VIP calls arrive.
• Start workflows in Zapier, Make, or an internal orchestration service.

How webhooks work

flowchart LR  A[MyOperator Event] --> B[Deliver POST to your URL]  B --> C{Your server returns 2xx?}  C -- Yes --> D[Delivery logged: Success]  C -- No/Timeout --> E[Retry per policy]

Delivery basics

• We send an HTTP POST to your URL with Content-Type: application/json.
• Each event includes an id and type (e.g., call.answered).
• Your endpoint should return a 2xx status after processing.
• For reliability, respond quickly and do heavy work asynchronously.

Optional security

• If Signing secret is enabled, we include X-MyOperator-Signature (HMAC‑SHA256 of the raw body).
• You should verify the signature before trusting the payload.

Requirements

• Admin access to MyOperator Dashboard.
• A public HTTPS URL that accepts POST requests and JSON.
• The endpoint returns 2xx on success.
• Ability to capture logs or view MyOperator Webhook Logs for validation.

Tip: Use a temporary endpoint like a Postman Mock Server or webhook.site during setup.

Set up a webhook (Dashboard)

1. Go to Dashboard → Integrations → Webhooks.
2. Click Add Webhook.
3. Enter your Destination URL (HTTPS recommended).
4. Select Events to subscribe to (e.g., Call started, Call answered, Call ended).
5. (Optional) Toggle Signing secret and copy the secret safely.
6. Click Save.

Result: Your webhook shows as Active. You can view deliveries under Webhook Logs.

Figure 1: Add Webhook in MyOperator Dashboard.

Test your webhook

From Dashboard

1. Open Integrations → Webhooks.
2. Click ⋯ → Send test event.
3. Choose an event type and send.
4. Confirm your server returned 2xx and payload was processed.

From your machine (cURL)

curl -X POST "https://your-server.example.com/webhooks/myoperator" \  -H "Content-Type: application/json" \  -d '{    "id": "evt_01JABCXYZ123",    "type": "call.answered",    "created_at": "2025-08-26T10:03:59Z",    "data": {      "call_id": "call_78e3c7",      "from": "+12025550123",      "to": "+12025550987",      "agent": "+919876543210",      "direction": "inbound",      "answered_by": "agent",      "duration_sec": 143    }  }'

Validate delivery

• In Webhook Logs, confirm Status: Delivered and note the response time.
• In your system, verify the record was created or the workflow triggered.

Verify signatures (security)

If you enabled Signing secret, verify X-MyOperator-Signature using HMAC‑SHA256 over the raw request body and your secret.

Node.js (Express)

import crypto from "crypto";function verify(req, secret) {  const signature = req.header("X-MyOperator-Signature");  const payload = req.rawBody; // ensure raw body middleware  const digest = crypto.createHmac("sha256", secret).update(payload).digest("hex");  return crypto.timingSafeEqual(Buffer.from(signature, "hex"), Buffer.from(digest, "hex"));}

Python (Flask)

import hmac, hashlibdef verify(request, secret: str) -> bool:    signature = request.headers.get("X-MyOperator-Signature", "")    digest = hmac.new(secret.encode(), request.get_data(), hashlib.sha256).hexdigest()    return hmac.compare_digest(signature, digest)

Security notes

• Reject requests missing the signature header.
• Enforce HTTPS and rotate secrets periodically.
• Consider allow‑listing MyOperator IPs if your network policy requires it.

Sample payloads & code

Event: call.started

{  "id": "evt_01JAAAFM8Z8M9V33M2N8D3P3S4",  "type": "call.started",  "created_at": "2025-08-26T10:00:00Z",  "data": {    "call_id": "call_78e3c7",    "from": "+12025550123",    "to": "+12025550987",    "direction": "inbound",    "queue": "Sales"  }}

Minimal receivers

Node.js (Express)

import express from "express";const app = express();app.use(express.json({ verify: (req, res, buf) => { req.rawBody = buf; } }));app.post("/webhooks/myoperator", async (req, res) => {  // TODO: verify signature if enabled  const evt = req.body;  if (evt.type === "call.answered") {    // handle  }  res.status(200).send("ok");});app.listen(3000, () => console.log("listening on 3000"));

Python (Flask)

from flask import Flask, requestapp = Flask(__name__)@app.post("/webhooks/myoperator")def receive():    evt = request.get_json(force=True)    # TODO: verify signature if enabled    if evt.get("type") == "call.ended":        pass    return ("ok", 200)if __name__ == "__main__":    app.run(port=3000)

Troubleshooting

Common errors

• 400 Bad Request: Your endpoint did not accept the JSON. Validate payload and Content-Type.
• 401/403 Unauthorized: Your auth check failed. Confirm tokens, IP allow‑list, or signature.
• 404 Not Found: URL path mismatch. Verify the exact webhook URL.
• 408/504 Timeout: Your server took too long. Acknowledge quickly, process asynchronously.
• 429 Too Many Requests: You are rate‑limited. Back off and queue processing.
• 5xx Server Error: Your code threw an error. Check application logs.