All docs
2 min read Last updated:

Generic webhook

Send each accepted submission to your own HTTPS endpoint as JSON. This is the path to use when you want Formspring’s versioned envelope, optional field filters, payload picks/renames, and a cryptographic signature you can verify on your server.

What you need

  • A publicly reachable HTTPS URL that accepts POST with JSON.
  • Your server (or serverless function) ready to read headers and body.

What Formspring sends

The JSON body uses an api_version, an event, and a data object that includes submission id, form_id, timestamps, status, the field payload, optional consent snapshot, and a files array with metadata (field name, original filename, mime type, size)-not the raw file bytes.

Formspring adds:

  • X-Formspring-Signature: t=<unix>,v1=<hex> – HMAC-SHA256 over <t>.<rawBody> with your webhook secret (industry-standard t=,v1= format).
  • X-Formspring-Event and X-Formspring-Delivery for tracing.

Optional dashboard controls

When you edit a generic webhook (not a built-in provider card), Formspring may show:

  • Filter – only deliver when a submitted field matches your rule.
  • Included fields – send a subset of payload keys.
  • Rename fields – change keys before signing and sending.

Built-in integrations like Slack or Make do not use this screen; they use each vendor’s own format.

Steps

  1. Implement an HTTPS endpoint that reads the raw body as a string (for signature verification), then parses JSON.
  2. In Formspring, add a generic webhook, paste the URL, optionally set filters or maps, Save, and note the signing secret if your code needs it.
  3. Send a test submission and verify your logs.
  4. Confirm Deliveries shows 2xx from your endpoint.

Tips

  • Verify the signature before trusting the JSON.
  • On failure, Formspring retries with backoff; fix your endpoint and use Replay.
  • File downloads use Formspring’s authenticated flows-use submission and file APIs from your backend after you trust the webhook.

More help