Webhooks Integration Guide
To enable webhooks to be sent from your Scorecard go to Integrate > Webhooks and click Connect to add the URL that you'd like to receive webhooks too.
Note: You must provide a secure (https) URL that can receive POST requests
Once you have provided your secure URL to receive post requests you will be able to specify a secret key and which events you'd like to receive.
Events
There are 4 possible events you may receive as a webook:
Quiz Started (QUIZ_STARTED)
Quiz Finished (QUIZ_FINISHED)
Lead Details Updated (LEAD_DETAILS_UPDATED)
Lead Signed Up (LEAD_SIGNED_UP)
Webhook Payload Format
General structure
{
"event_name" : "Event name",
"data": {} // - Response data
}
Example QUIZ_STARTED webhook
{
"event_name" : "QUIZ_STARTED",
"data" : {
"id": "1e11c712-c4f7-48e9-8bc7-7d86ea273a6f",
"status": "Started",
"key": "64b00a39ce128979457258",
"first_name": null,
"last_name": null,
"email": "example@example.com",
"started_at": "2023-07-06T08:12:09.000Z",
"opt_in": true,
"opt_in_detail": "Implied",
"utm_source": null,
"utm_campaign": null,
"utm_medium": null,
"utm_term": null,
"utm_content": null,
"ip_address": "172.23.0.1",
"lead_form_questions": [ //- possible if we added fields to lead form.
{
"id": "01a725d2-bd2c-4aa0-a799-6d6fc8e7ac9d",
"question": "Question",
"answers": [
{
"answer": "Answer"
}
]
},
],
"quiz_questions": [],
"abandon_email_url": "https://example.scoreapp.com/continue/64a6775915bf6092267456"
}
};
Example QUIZ_FINISHED webhook
{
"event_name" : "QUIZ_FINISHED",
"data" : {
"id": "1e11c712-c4f7-48e9-8bc7-7d86ea273a6f",
"status": "Finished",
"key": "64b00a39ce128979457258",
"first_name": null,
"last_name": null,
"email": "example@example.com",
"started_at": "2023-07-06T08:25:25.000Z",
"opt_in": true,
"opt_in_detail": "Implied",
"utm_source": null,
"utm_campaign": null,
"utm_medium": null,
"utm_term": null,
"utm_content": null,
"ip_address": "172.23.0.1",
"lead_form_questions": [ //- possible if we added fields to lead form.
{
"id": "01a725d2-bd2c-4aa0-a799-6d6fc8e7ac9d",
"question": "Question",
"answers": [
{
"answer": "Answer"
}
]
},
],
"quiz_questions": [
{
"id": "0f9d99a8-1835-46d7-bb1f-86b579195797",
"question": "Question 1",
"answers": [
{
"answer": "No"
}
]
},
{
"id": "d9cadc83-50df-442c-aeb2-a0878e3e7fb7",
"question": "Question 2",
"answers": [
{
"answer": "5"
}
]
},
{
"id": "ea795cc9-e437-4734-a85a-34837dccbb2d",
"question": "Question 3",
"answers": [
{
"answer": "Answer 1"
},
{
"answer": "Answer 2"
},
{
"answer": "Answer 3"
}
]
},
],
"finished_at": "2023-07-06T08:25:29.000Z",
"report": "https://example.scoreapp.com/results/64a67a753fbb6186785302/pdf",
"lowest_category": {
"id": "433cad86-ce58-4755-9b97-16cbbea42b15",
"title": "Category 2"
},
"highest_category": {
"id": "3fc9bef7-c890-4ec7-9414-f13929ac4e38",
"title": "Category 1"
},
"total_score": {
"actual": "67.00",
"percent": 54,
"denominator10": 5.36,
"tier": "medium"
},
"category_scores": [
{
"actual": "56.00",
"percent": 50,
"denominator10": 4.96,
"tier": "medium",
"category": {
"id": "e6b19afd-891c-41cc-ab44-c7e2e8485acd",
"title": "Category 1"
}
},
{
"actual": "4.00",
"percent": 33,
"denominator10": 3.33,
"tier": "low",
"category": {
"id": "ff35527a-2cb8-4ed0-b142-5bad8ac14818",
"title": "Category 2"
}
},
],
"result_url": "https://example.scoreapp.com/results/64a67a753fbb6186785302",
"audiences": [
{
"id": "30672ea7-8515-46bd-bde1-09b8e0986873",
"name": "Audience 1"
},
{
"id": "278e64c9-71e4-4cb1-bc70-009e33357336",
"name": "Audience 2"
}
}
};
Example LEAD_SIGNED_UP webhook
{
"event_name" : "LEAD_SIGNED_UP",
"data" : {
"id": "1e11c712-c4f7-48e9-8bc7-7d86ea273a6f",
"status": "Started",
"key": "64b00a39ce128979457258",
"first_name": null,
"last_name": null,
"email": "example@example.com",
"started_at": "2023-07-06T08:12:09.000Z",
"opt_in": true,
"opt_in_detail": "Implied",
"utm_source": null,
"utm_campaign": null,
"utm_medium": null,
"utm_term": null,
"utm_content": null,
"ip_address": "172.23.0.1",
"lead_form_questions": [ //- possible if we added fields to lead form.
{
"id": "01a725d2-bd2c-4aa0-a799-6d6fc8e7ac9d",
"question": "Question",
"answers": [
{
"answer": "Answer"
}
]
},
],
"quiz_questions": [],
"abandon_email_url": "https://example.scoreapp.com/continue/64a6775915bf6092267456"
}
};
Example LEAD_DETAILS_UPDATED webhook
{
"event_name" : "LEAD_DETAILS_UPDATED",
"data" : {
"id": "1e11c712-c4f7-48e9-8bc7-7d86ea273a6f",
"status": "Finished",
"key": "64b00a39ce128979457258",
"first_name": null,
"last_name": null,
"email": "example.changed@example.com",
"started_at": "2023-07-06T08:25:25.000Z",
"opt_in": true,
"opt_in_detail": "Implied",
"utm_source": null,
"utm_campaign": null,
"utm_medium": null,
"utm_term": null,
"utm_content": null,
"ip_address": "172.23.0.1",
"lead_form_questions": [ //- possible if we added fields to lead form.
{
"id": "01a725d2-bd2c-4aa0-a799-6d6fc8e7ac9d",
"question": "Question",
"answers": [
{
"answer": "Answer changed"
}
]
},
],
"quiz_questions": [
{
"id": "0f9d99a8-1835-46d7-bb1f-86b579195797",
"question": "Question 1",
"answers": [
{
"answer": "No"
}
]
},
{
"id": "d9cadc83-50df-442c-aeb2-a0878e3e7fb7",
"question": "Question 2",
"answers": [
{
"answer": "5"
}
]
},
{
"id": "ea795cc9-e437-4734-a85a-34837dccbb2d",
"question": "Question 3",
"answers": [
{
"answer": "Answer 1"
},
{
"answer": "Answer 2"
},
{
"answer": "Answer 3"
}
]
},
],
"finished_at": "2023-07-06T08:25:29.000Z",
"report": "https://example.scoreapp.com/results/64a67a753fbb6186785302/pdf",
"lowest_category": {
"id": "433cad86-ce58-4755-9b97-16cbbea42b15",
"title": "Category 2"
},
"highest_category": {
"id": "3fc9bef7-c890-4ec7-9414-f13929ac4e38",
"title": "Category 1"
},
"total_score": {
"actual": "67.00",
"percent": 54,
"denominator10": 5.36,
"tier": "medium"
},
"category_scores": [
{
"actual": "56.00",
"percent": 50,
"denominator10": 4.96,
"tier": "medium",
"category": {
"id": "e6b19afd-891c-41cc-ab44-c7e2e8485acd",
"title": "Category 1"
}
},
{
"actual": "4.00",
"percent": 33,
"denominator10": 3.33,
"tier": "low",
"category": {
"id": "ff35527a-2cb8-4ed0-b142-5bad8ac14818",
"title": "Category 2"
}
},
],
"result_url": "https://example.scoreapp.com/results/64a67a753fbb6186785302",
"audiences": [
{
"id": "30672ea7-8515-46bd-bde1-09b8e0986873",
"name": "Audience 1"
},
{
"id": "278e64c9-71e4-4cb1-bc70-009e33357336",
"name": "Audience 2"
}
}
};
Failures and Retries
If the URL to which we send a webhook fails to send a response with a 2xx
status code we will consider the call as failed. The call will also be considered failed if the remote app doesn't respond within 10 seconds
If the call fails we will attempt to resend the webhook up to a maximum of 5 times.
Optional Webhook Header / Secret Key (Recommended)
If you provide an optional “WEBHOOK SECRET KEY”, a header (Scoreapp-Signature
) will be included with each webhook request containing a hashed string allowing you to securely validate the authenticity of the request.
The following is example PHP code that would verify the webhook request using this method
public function webhookHandler(Request $request)
{
$signature = $request->header('Scoreapp-Signature');
$signingSecret = 'Your webhook secret key';
$computedSignature = hash_hmac('sha256', $request->getContent(), $signingSecret);
$valid = hash_equals($signature, $computedSignature);
if (!$valid) {
return response('Unauthorized', 401);
}
// your code goes here
return response('Webhook handled', 200);
}