🪝 Webhooks & automation

Trigger anything, anywhere.

Subscribe any URL to any OpsIQ event. HMAC-SHA256 signed, replay-protected, idempotency-keyed and retry-aware. Compose triggers and actions into automation rules without a line of code, or roll your own from the REST API.

40+ canonical eventsHMAC-SHA256 on every deliveryBackoff retries + replayIdempotency-keyed
Signed at the source
Retries until it lands
Live One event. Signed. Delivered. Guaranteed. EVENT BUS invoice.paid HMAC-SHA256 your-crm.com /hook 200 OK stale-endpoint retry 2/5 · backoff DELIVERY LOG your-crm.com/hook200 · 142ms slack.com/services200 · 88ms
40+canonical events to subscribe
HMACsigned on every delivery
backoff retries to 12h, then manual replay
1 keyper scope, locked to its workspace
Event router

Events out. Events in. Actions both ways.

A signed integration control-room for the whole loop: outbound deliveries, inbound receipts, and approved backend actions moving through the same audited bus.

OUT

Outbound events

Subscribe any HTTPS endpoint to canonical OpsIQ events, with filters per destination.

IN

Inbound receipts

Receive signed events from Stripe, Calendly, Zapier, Make or your own app.

ACT

Approved actions

AI proposes. Humans or rules approve. OpsIQ POSTs to your backend.

OpsIQ event bus signed traffic

One bus, three directions

Outbound
webhooks
Inbound
events
Signed
event bus
Action
POST
invoice.paidyour-crm.com/hook200
stripe.payment_intentcontact timelinemapped
ai.action.approved/api/provisionsigned
SignatureHMAC-SHA256

Every delivery carries headers receivers can verify with a constant-time compare.

IdempotencyOne key

Retries reuse the same key so writes remain exactly-once.

AuditEvery hop

Outbound, inbound and action attempts are written to the delivery log.

Reliability · retries

Endpoints go down. Deliveries don't get lost.

A failed delivery climbs an exponential ladder (1m → 5m → 30m → 2h → 12h) so a brief outage on your side never drops an event. Every attempt is written to the delivery log with its HTTP status and latency, and you can replay any delivery by hand once the receiver is healthy again. Every retry carries the same idempotency key, so a re-delivery never double-charges or double-provisions.

Exponential backoff: five automatic retries (1m → 5m → 30m → 2h → 12h) before a delivery is parked for manual replay.
Per-endpoint delivery rail: the last deliveries green / amber / red at a glance, with status code and time.
Idempotency keys. Every retry reuses the same X-OpsIQ-Idempotency key, so writes stay exactly-once.
24hauto-retry window
1-clickmanual replay
Retry ladder & delivery log 1m 5m 30m 2h 12h DELIVERY LOG your-crm.com/hook · order.created 200 · 124ms slack.com/services · invoice.paid200 · 88ms stale-endpoint · payment.completedretry 2/5 support-bot · ticket.created200 · 61ms dead-host · subscription.renewed502 · parked Replay
Backoff1m → 5m → 30m → 2h → 12h
Exactly-onceidempotency key on every retry
Replayone click once the receiver recovers
Two-way automation

Receive events, and let AI act safely.

Inbound endpoints and action endpoints are different surfaces, so they now look different: one maps outside events onto contacts, the other gates AI actions before your backend is called.

Inbound endpoints

Outside events land on the right timeline.

Create a unique URL and signing secret, map the JSON fields, then let OpsIQ attach each accepted event to the matching contact.

https://app.opsiq.io/inbound/wh_7c91...
contact_email_path $.customer.email event_type_path $.type idempotency_key_path $.id
Action endpoints

AI can request work, not bypass approval.

Declare the action contract, scope it, and only POST to your backend after approval.

billing.issue_credit
ProposeApprovePOST
REST API keys

Keys with permissions, limits and allowlists.

Issue workspace keys for tools and partners without giving every integration full power.

BI dashboard Read only
Partner app Restricted
Internal tool All
API action call

Code paths stay clean.

For complex workflows, call the REST API directly with the same scoped model.

POST /api/v1.php
Authorization: Bearer opq_workspace_key
{ "action": "crm.conversions.record" }
Hardened isolation

Every endpoint and key is welded to its workspace.

Security has its own visual system here: delivery URLs are guarded against SSRF, keys are scoped to one workspace, and cross-tenant requests bounce before any data is read.

0global tokens
403scope mismatch
Outbound safety

Delivery URLs cannot turn inward.

OpsIQ blocks private, loopback, link-local and cloud metadata targets at save time and again at send time.

your-crm.comallow
127.0.0.1block
10.0.0.5block
169.254.169.254block
Workspace vault

Tenant boundaries are part of the key.

Endpoints, inbound receipts, delivery logs and API keys all carry the workspace stamp that created them.

Workspace Akey opq_a1...
endpoint /hook-a
scope_key ws_a
Workspace Bkey opq_b7...
endpoint /hook-b
scope_key ws_b
A key from workspace A calling workspace B returns 403 before data access.
Scope enforcement

Every request crosses the same gate.

Signature, workspace scope, permission mode, rate limit and optional IP allowlist are checked before the request reaches business data.

Everything in the box

One integration surface, fully wired.

Retries & replay Exponential backoff to 24 hours, a full delivery log, and one-click replay when a receiver recovers.
Scoped API keys All, Read-only or Restricted modes, per-key rate limits and IP allowlists, locked to the workspace.
Test before live Fire sample payloads outbound and inbound; inspect the exact JSON, signature and HTTP status returned.
Idempotency keys A reused key on every retry means writes are exactly-once, safe for payments and provisioning.
Visual rule builder Drag-drop "when X happens, do Y": conditions on tier, priority or keyword, no code required.
Replay protection Timestamp window plus a nonce table deduplicate retries and reject stale deliveries.
⚖️ Where it fits

Not a glue tool you rent. A native integration layer.

Zapier and Make are great for taping apps together, but they sit outside your platform, can't gate AI actions, and meter every run. OpsIQ's events, signatures and actions are native, sharing the same data as your chat, CRM and tickets.

What you needRaw Zapier / MakeOpsIQ Webhooks & Actions
Typed, documented event catalogPer-app, inconsistent40+ canonical OpsIQ events
HMAC-SHA256 signed deliveryRare / DIY per zapSigned every delivery, secret per endpoint
Per-endpoint event filtersOne trigger per zapWildcard or precise subset, per URL
Automatic retries + replayLimited / paid tierBackoff to 24h + manual replay
Idempotency on retriesYou build itIdempotency-Key on every write
Inbound onto the right contactLands in a flow, not a CRMMaps to the contact timeline
Gate AI actions before they runNo conceptPropose → approve → signed POST
Reversible, audited actionsNoReversible flag + full audit trail
Scoped API keys + rate limitsAccount-wide tokenAll / Read-only / Restricted + CIDR
SSRF-hardened deliveryVariesPrivate / metadata IPs blocked, re-resolved
Per-run metering / task capsYes, you pay per taskNative: no per-event toll
Same data as chat / CRM / ticketsCopied between appsOne source of truth
Full feature list

Everything in Webhooks & Actions.

Every capability, grouped. ★ marks a stand-out.

FeatureWhat it does
Event subscription
Outbound Event Catalog (40+) ★Typed canonical events across commerce, billing, support and CRM, with no per-app inconsistency.
Wildcard Event Subscription (*)Subscribe an endpoint to everything with a single *.
Per-Endpoint Event Filters ★One URL gets billing, another support, so no noise on receivers that don't need it.
Security & signing
HMAC-SHA256 Signing ★Every payload signed with a per-endpoint secret via X-OpsIQ-Signature.
Raw-Body SignatureSigns the bytes, not a re-serialised object, so nothing drifts between sender and receiver.
Constant-Time Verification Recipe ★hash_equals() guidance so attackers can't time their way to a forged signature.
Rotatable Signing Secrets ★Regenerate a per-endpoint secret at any time, then update your verifier.
X-OpsIQ-Signature HeaderHMAC carried on every single delivery for verification.
X-OpsIQ-Timestamp HeaderUnix epoch on each delivery so receivers can reject stale events.
Endpoint SSRF Protection ★ NEWBlocks private, loopback and cloud-metadata IPs as delivery targets, at save and at send time.
Replay Protection with Nonce ★ NEWNonce plus a timestamp window deduplicates retries and rejects old deliveries.
Reliability & retries
X-OpsIQ-Idempotency Header ★Same nonce on every retry so a re-delivery never double-charges.
Exponential Backoff Retry Ladder ★1m → 5m → 30m → 2h → 12h: five automatic retries, then manual replay.
Delivery Log with Per-Attempt Detail ★HTTP status, latency and attempt count, colour-coded green / amber / red.
Manual Delivery Replay ★One-click replay from the delivery log once a receiver recovers.
Per-Endpoint Delivery RailThe last deliveries shown with status at a glance, per endpoint.
Delivery metadata
X-OpsIQ-Event HeaderCarries the event type so receivers can route without parsing the body.
X-OpsIQ-Delivery HeaderA delivery ID for tracking and correlating each attempt.
Testing & validation
Test Delivery Before Going Live ★Fire a sample payload and inspect the exact JSON, signature and HTTP response.
Test Signatures (dry_run)Returns the signed envelope without posting, so you can verify locally first.
Inbound Test DeliveryConfirm a mapping extracts the email and creates the right activity.
Endpoint management
Active / Inactive TogglePause an endpoint without deleting it.
Deletion with Pending CancellationDeleting stops pending retries while keeping the logs.
Inbound webhooks
Inbound Endpoints ★A unique URL plus secret per source, to paste into Stripe, Calendly or Zapier.
Inbound Signature Verification ★Verifies X-OpsIQ-Inbound-Signature before anything else happens.
JSON Path Mapping ★Extract email, event type and value via $.path from any payload shape.
Contact Name Extraction NEWPull the contact's name with contact_name_path so the timeline reads cleanly.
Value Field Extraction NEWMap a monetary or numeric value with value_path for scoring and reporting.
Summary Templates ★ NEWBuild a human summary from summary_path or a ${path} token template.
Inbound Preset Mappings ★One-click Stripe, Calendly and Zapier mappings prefilled.
Inbound Idempotency ★event_id dedup means source retries never double-count.
Inbound Activity on Contact Timeline ★Accepted events become scorable, triggerable activities on the contact.
Inbound Receipt Logok / error / duplicate / unmapped with the raw payload for debugging.
API & access control
API Keys: 3 Permission Modes ★All for trusted tools, Read-only for dashboards, or Restricted to block specific actions.
API Key Rate Limiting ★Calls-per-hour per key with a live usage bar.
API Key IP Allowlist (CIDR) ★Pin a key to office or data-centre IPs with CIDR ranges.
Live Action Catalog (meta.actions) ★Discover the full action menu a key can call; no key required to list.
Workspace-Locked API Keys ★ NEWEvery key is locked to its creating workspace, so multi-tenant isolation is automatic.
API Key Revocation (Instant) ★Revoke a leaked key and its calls fail immediately.
Automation rules
Workflows with Webhook StepPOST to a URL as one step inside a multi-step automation.
Visual Rule Builder ★Drag-drop conditions and actions: when X happens, do Y, no code.
Action endpoints
Action Contracts ★AI proposes, a human approves, then OpsIQ posts, only through the gate.
Scoped Action Execution ★A scope such as billing:write lets a key refund but never delete.
Reversible Actions with Undo ★Mark an action reversible and OpsIQ keeps the undo path.
Action Audit Trail ★Proposal, approval and call all logged for a full compliance trail.
Signed Action POST ★The same HMAC trust as webhooks on every action call.
Multi-tenancy
Endpoint Scope Isolation ★ NEWscope_kind/scope_key weld every endpoint, key and log row to its workspace.
FAQ

Webhook questions, answered.

Everything teams ask before they wire OpsIQ to the rest of their stack: signing, retries, inbound and actions.

Compute HMAC-SHA256 over the raw request body using your shared secret; X-OpsIQ-Signature is that hex digest with no prefix. Compare with a constant-time check such as hash_equals(). Sample code is on the developers page and in the signing section above.
We retry with exponential backoff: 1m → 5m → 30m → 2h → 12h (five attempts). After that the delivery is parked and you can replay it manually from the delivery log once the receiver is healthy again.
Yes. Each endpoint has its own secret you can regenerate at any time: rotate it, then point your verifier at the new secret.
Yes. The visual rule builder ("when X happens, do Y") covers most workflows, with conditions on customer tier, priority or keyword. Code-only paths via the REST API are available for complex cases.
Over 40 canonical events spanning commerce, billing, support and CRM, for example order.created, payment.completed, invoice.paid, subscription.renewed, ticket.created, crm.deal.won and contact.lifecycle_changed. Each endpoint can subscribe to the wildcard * or a precise subset.
Yes. Create an inbound endpoint and you get a unique URL plus a signing secret. Point Stripe, Calendly, Zapier, Make or your own app at it, add a small JSON mapping (where the contact email and event type live), and every accepted event becomes an activity on the matching contact.
An action endpoint lets AI act on your backend through a contract you define. AI proposes an action, a human or rule approves it, and only then does OpsIQ make a signed POST to your endpoint. Actions are scoped, can be marked reversible, and every proposal, approval and call is on the audit trail.
Issue keys for the REST API and pick a permission mode per key: All, Read only, or Restricted (block specific actions, including wildcards like crm.contacts.*). Add a per-hour rate limit and an optional IP allowlist. Every key is locked to the workspace it was created in.
No. Every write carries an Idempotency-Key, and webhook retries reuse the same key. If your endpoint sees a key it has already processed it returns the original result without doing the work twice, which is what makes payments and provisioning safe to retry.