Integration - Webhooks

Learn how to use our Webhooks feature for custom workflows.

Matt Szczurek avatar
Written by Matt Szczurek
Updated this week

Note: This feature is only available for our paid plans and is only available to select customers at the moment. Please contact us at if you would like to get this enabled for your SafeBase instance.

SafeBase can support your custom workflows by sending data to your custom webhooks after key events.


You can find the Webhooks configuration option under the Integrations section of the Settings page.

  • Click on the Connect button on the right to begin configuration.

  • A modal will appear that allows for you to add custom webhooks. There is an Add Endpoint button that will allow you to add your first webhook.

  • You can click on the Event Catalog tab to view a list of events that you can subscribe your custom workflow to. Over time, we will be adding more events as new features are added. If there is a certain one that you would like to see, please submit a request at

    • You can use the Event Catalog to see what the format of the data sent to the webhook will look like. At the moment, all data is returned as a JSON object.

  • When adding an endpoint, you just need to specify the webhook URL, and which events should trigger it. In this example we are triggering the webhook when an NDA is completed:

  • After saving, you may optionally configure rate limiting for this webhook, and pass a custom header for security reasons:


  • You can fire a test event to ensure that the webhook and any subsequent workflow logic is functioning as intended using the Testing tab:


  • You can view a history of recent webhook events and whether they were successful or not using the Logs tab. We recommend firing a few test events when configuring a new webhook endpoint for the first time.

Event Catalog

For a full list of available webhook events, please visit our Event Catalog.

Example Webhook Workflows

Our Webhooks feature can be used with a variety of your existing tools to further automate your Customer Trust efforts. Here are some possible custom workflows your team can create using this feature:

  • Slack has the ability to listen to incoming webhooks. You can create a custom Slack app with an incoming webhook and post a message to a channel/custom DM group with custom formatting if a user has signed an NDA or downloaded a SIG questionnaire.

  • If your organization uses Teams, you can use Webhooks to post a message to a Teams channel after a user submits a new access request.

  • You can use Webhooks to send SafeBase related activity to SIEM tools to act as an audit log. For example, you can send file download events to Splunk using an HTTP Event Collector. Note that you will have to use the /raw endpoint.

  • A legal team may want a record of any Clickwrap NDAs in a system such as Dropbox or Box. Zapier can be used to store completed NDA information into these third party tools.

  • Zapier is perhaps the most commonly used no-code integration middleware that we have seen our customers use. Some possible Zapier workflows include:

    • Some customers do not like to use Slack or Emails for SafeBase notifications. Webhooks can be used to create a new ClickUp task whenever a user submits an Access Request.

    • Customers may already be tracking inbound questionnaires using an existing project management tool. Webhooks can be used to create a new Asana task whenever a user submits a new questionnaire.

    • Some of our customers do not use a major CRM solution such as Salesforce and HubSpot. The Webhooks feature can be used to generate a new entry in a Google Sheet as a way to capture potential new leads when an access request is submitted.

    • Please see the Zapier Webhooks overview for even more ideas.

These are just some of the possibilities with the Webhooks feature. Have a custom workflow in mind, but aren't sure where to start? Reach out to us at or using our Intercom option to discuss with our team!


  • If you are using a Splunk HTTP collector, you will need to use the /raw endpoint rather than /event.

  • If you need a list of static IP addresses to whitelist the webhook events from, please refer to

  • If you notice that the event name is not part of the payload when configuring a webhook, this is normal. The test event does not have the event name, but a real event will.

Did this answer your question?