Webhooks overview

Webhooks let your systems react as soon as something changes in Upsign—without polling the API on a timer. When documents move through signing (sent, viewed, completed, declined, expired, and more), Upsign can POST signed JSON to HTTPS endpoints you control so you can update CRM records, kick off workflows, sync dashboards, and keep downstream tools aligned with real-time lifecycle events.

If you are automating around document status, pair webhooks with the ideas in Automate workflows; this section focuses on registering endpoints and consuming deliveries.

Create a webhook in Upsign

Company admins can register webhook URLs in the Upsign web app:

1. Open Settings.
2. Go to Integrations.
3. In the Webhooks section, add your HTTPS endpoint, set the subscription type, and save.

When you create a subscription, Upsign may show a secret key used to verify deliveries—copy and store it securely; it may only be shown once.

Manage webhooks with the API

You can also list, create, and delete webhook subscriptions programmatically—useful for infrastructure-as-code or partner onboarding flows.

Use the interactive API reference under Webhooks:

• GET /v2/webhooks — list subscriptions (admin only).
• GET /v2/webhooks/{public_id} — fetch one subscription (wh_*).
• POST /v2/webhooks — create (url, type, optional secret_key). secret_key is returned only once at creation if generated or supplied.
• DELETE /v2/webhooks/{public_id} — remove subscription (204).

These endpoints use the same X-Api-Key as other v2 APIs. Managing webhooks requires a company admin (the same role that can create API keys).

How to get information from webhooks

Upsign delivers POST requests to your registered URL. Your handler should read the JSON body, verify authenticity, and branch on the event type:

• Outbound delivery — JSON envelope, headers, and payload structure.
• Verify signatures — X-UpSign-Signature and how to validate requests.
• Events — event names and data fields per lifecycle signal.