A webhook is a way to notify you when certain events happen in Ashby. Webhooks allow for real-time integration with Ashby's platform, enabling automated responses to events like candidate status changes, job posting updates, or interview scheduling. For a full list of events that trigger webhooks, see the list of webhook payloads in our API reference.

Webhooks are configured in Ashby under the Admin panel, by going to Admin > Integrations > Webhooks. Create a new webhook by clicking the "New" button or edit/delete an existing webhook by clicking on it in the list.

Webhook configuration

To set up a webhook, you need to configure your payload url, the webhook event type, and (optionally), a secret token.

Webhook Type

This is the type of event that you want to receive webhooks for. You can choose the event type from a dropdown when configuring a new webhook.

Request URL

This is the url that webhook requests will be sent to. You can configure different urls for different webhooks, or create multiple webhooks for the same event to "fan out" requests to different urls.

Secret Token

You can provide a secret token that will be used by Ashby to cryptographically sign all webhook requests. The signature will be sent with the request in an Ashby-Signature http header. By computing a digest of the payload using your secret token, you can compare it to the signature sent with the request to be sure that it was generated by Ashby using the token you provided.

Although you don't have to provide this token, it's strongly encouraged that you do so in order to protect yourself against malicious parties sending bogus webhooks to your server.

Ping webhooks

When you create or edit a webhook, a "ping" webhook with some basic data about the webhook configuration will be sent to your endpoint. If your server does not respond to the request, or responds with an error code (any code >400), the webhook will still be created but in a disabled state, where requests will not be sent. After fixing your server endpoint, you can go back to the webhook and check the "enabled" box and click the "Update" button to create a new ping request. If this is successful, your webhook will be enabled.