What Webhooks Do (and Why You Need Them)
A webhook is an HTTP callback — when an event happens in TrafficValidator (a lead is scored), it immediately sends the scoring data to a URL you specify. This lets you react to lead quality events in real-time: create a CRM contact, send a Slack alert, trigger a nurture sequence, or run custom business logic.
Webhooks are more powerful than polling (periodically checking an API for new data) because they're push-based. You don't need a scheduled job checking for new leads every few minutes. The moment a lead is scored, your systems receive the data and can act on it. For time-sensitive follow-up workflows, this real-time delivery is critical.
Setting Up Webhooks in TrafficValidator
From your project dashboard, navigate to Integrations → Webhooks and click Add Webhook. You'll specify the destination URL, choose which events to subscribe to (lead scored, verdict changed, threshold crossed), and optionally add a secret key for payload verification.
TrafficValidator signs each webhook payload with your secret key using HMAC-SHA256. Your receiving endpoint should verify this signature before processing the payload — this prevents bad actors from sending fake webhook payloads to your endpoint. The verification code is simple: hash the raw request body with your secret and compare it to the X-Signature header.
Connecting to Zapier and Make
For no-code integrations, TrafficValidator webhooks work natively with Zapier and Make (formerly Integromat). In Zapier, create a new Zap and choose "Webhooks by Zapier" as the trigger. Use the provided webhook URL in your TrafficValidator settings. Zapier will catch the first webhook payload and use it to map the data fields to your destination actions.
Common Zap patterns: score a lead → if score > 70, create HubSpot contact; score a lead → if verdict = "Definite Bot", add to suppression list; score a lead → always post summary to Slack channel. In Make, the same patterns work with the Webhook module and are visually connectable to hundreds of other services.
Building Custom Webhook Handlers
For engineering teams, receiving and processing webhooks in your application takes about 30 lines of code. Create an endpoint that accepts POST requests, verifies the HMAC signature, and processes the payload. The payload includes the lead's score, verdict, all validation signals, and the original form data.
Common custom implementations: insert scored leads directly into your database alongside other application data; forward only legitimate leads to your downstream CRM API while dropping bots; aggregate scoring data into your analytics pipeline for BI reporting; trigger custom notification logic based on lead quality thresholds by team, region, or campaign.
Retry Logic and Delivery Guarantees
TrafficValidator retries failed webhook deliveries with exponential backoff — if your endpoint is temporarily unavailable, we'll keep trying for up to 24 hours before marking the event as failed. You can view all webhook delivery attempts and their status in your integration logs, and manually retry any failed events.
To build a reliable receiving endpoint, return a 200 response as quickly as possible, then process the payload asynchronously. Don't wait for downstream API calls (creating a CRM contact, sending an email) before returning the 200 — this keeps your webhook delivery latency low and prevents timeout-related delivery failures.