Webhooks

Get a real-time POST to your server every time a lead signs up, verifies, or refers someone.

Webhooks let your own server react to events in Sjocamp the moment they happen. Available on the Team plan.

Creating a webhook

From Webhooks in the sidebar, click New webhook.

  • URL — your endpoint (must be HTTPS)
  • Events — pick which events trigger a delivery
  • Campaign — limit to a single campaign, or fire on all campaigns

Common events:

  • lead.created — a new signup
  • lead.verified — a pending lead clicked the verification link
  • lead.referred — a referral was credited to a referrer
  • reward.earned — a lead crossed a referral reward tier

Payload shape

Every webhook is a POST with a JSON body:

{
  "event": "lead.created",
  "delivery_id": "wd_01HX...",
  "occurred_at": "2026-04-26T19:42:11Z",
  "data": {
    "campaign_id": "cmp_01HX...",
    "lead": {
      "id": "lead_01HX...",
      "email": "alex@example.com",
      "status": "pending",
      "position": 412,
      "source": "referral",
      "referrer_code": "pa-9k2x",
      "fields": { "company": "Acme" }
    }
  }
}

The exact data shape depends on the event — see the dashboard’s Test tab on each webhook for live examples.

Verifying signatures

Every request includes an X-Sjocamp-Signature header — an HMAC-SHA256 of the request body, signed with the webhook’s secret (shown once at creation; treat it like a password).

Verify in your handler:

import crypto from 'crypto';

function verify(req: Request, secret: string) {
  const signature = req.headers.get('X-Sjocamp-Signature');
  const body = req.body; // raw bytes
  const expected = crypto.createHmac('sha256', secret).update(body).digest('hex');
  return signature === expected;
}

Reject any request whose signature doesn’t match.

Retries

If your endpoint returns a non-2xx status (or doesn’t respond within 10 seconds), Sjocamp retries with exponential backoff for up to 24 hours, then marks the delivery as failed.

Make your handler idempotent — keyed on delivery_id — because retries are inevitable in any production system.

Delivery log

Each webhook has a delivery log on its detail page: every attempt, the response code, the response body, and the latency. Use this to debug failures.

Webhooks vs. Zapier

WebhooksZapier
Best forYour own backendConnecting to no-code tools
Latency< 1 second1–15 minutes (poll-based)
CostIncludedFree Zapier plan limited
SetupCode an HTTP handlerClick-through

Use webhooks for anything time-sensitive (Slack alerts, internal CRM sync). See Zapier integration for everything else.