How does HMAC-SHA256 signing work?

Each webhook delivery includes an X-Ena-Signature header containing a HMAC-SHA256 signature of the request body, computed using your endpoint's signing secret. Your receiver should verify this signature before processing the payload to ensure the request genuinely came from EnaSmartWay.

What happens if my endpoint is down?

EnaSmartWay retries failed deliveries up to 5 times with exponential back-off. After all retries are exhausted, the delivery is marked as failed and logged. You can inspect failed deliveries in the Notifications log and manually re-trigger them.

Can I rotate the signing secret?

Yes. You can generate a new signing secret for any webhook endpoint from the Integrations settings. During a rotation period, you may temporarily accept both old and new secrets to avoid disruption.

Are webhook endpoints per-organization?

Yes. Each tenant's webhook endpoints are fully isolated. You can configure multiple endpoints per organization, each with its own URL, signing secret, and set of subscribed event types.

Webhooks

Platform events, delivered and signed.

Configure webhook endpoints to forward platform events to your own systems in real time — verified with HMAC-SHA256 signatures and retried automatically.

Start Free Trial

EnaSmartWay outbound webhooks push real-time JSON to any HTTPS endpoint with HMAC-SHA256 signatures, automatic retries, and per-organization endpoints. Use built-in Slack, Microsoft Teams, and Discord presets, or connect to n8n, Make, and Zapier.

Built for reliable delivery

💬

HMAC-SHA256 Signing

Every payload is signed so your receiver can verify it genuinely came from EnaSmartWay.

🎫

Automatic Retries

Failed deliveries retry with exponential back-off, then surface in the delivery log.

⭐

Per-Organization Endpoints

Each tenant's endpoints are fully isolated, with their own URL and signing secret.

📊

Multiple Endpoints

Configure several endpoints to fan out events to different systems independently.

📋

Payload Presets

Generic JSON plus Slack, Microsoft Teams, and Discord presets — no manual mapping.

👤

Secret Rotation

Rotate an endpoint's signing secret at any time, with a grace period to avoid disruption.

🔄

Delivery Logs

Inspect every attempt, see failure reasons, and re-trigger deliveries manually.

🧹

Automation-Ready

Connect to n8n, Make, Zapier, or your CRM to build any downstream workflow.

How to set up a webhook

1
Open Global Settings → Integrations in the EnaSmartWay admin panel.
2
Create a new webhook endpoint and paste your receiver URL.
3
Select event types and choose a payload preset (Generic, Slack, Teams, or Discord).
4
Copy the signing secret and verify the X-Ena-Signature header on incoming requests.

Webhooks FAQ

Get Started

See EnaSmartWay in your building.

PostgreSQL row-level security

HMAC-SHA256 audit chain

Global data security

Google Gemini AI narration