OpenapiV1Webhooks
Create webhook subscription
Subscribe to real-time events from Aura.
How it works:
- Create a subscription with your endpoint URL
- Receive a
secretin the response (store this securely!) - When events occur, Aura sends HTTP POST requests to your URL
- Verify requests using the
X-Aura-Signatureheader
Security:
- Target URL must use HTTPS (no HTTP allowed)
- Each webhook is signed with HMAC-SHA256
- Use the secret to verify request authenticity
Payload Format:
{
"event": "call.booked",
"created_at": "2026-01-17T08:00:00Z",
"data": { /* event-specific data */ },
"organization_id": "org_xxx"
}Signature Verification:
const crypto = require('crypto');
const signature = crypto
.createHmac('sha256', YOUR_SECRET)
.update(JSON.stringify(payload))
.digest('hex');Retry Policy:
- Failed deliveries are retried 3 times
- Backoff: 1s, 5s, 15s
- Subscriptions with repeated failures may be disabled
event_typestring
Event type to subscribe to
Value in
"lead.created" | "lead.updated" | "lead.status_changed" | "call.booked" | "call.updated" | "call.started" | "call.completed" | "call.canceled" | "call.rescheduled" | "call.no_show" | "payment.succeeded" | "payment.failed" | "payment.refunded"target_urlstring
HTTPS URL where webhook payloads will be sent (must be publicly accessible)
Format
uriResponse Body
application/json
application/json
application/json
curl -X POST "https://api.aura-app.ai/v1/webhooks" \ -H "Content-Type: application/json" \ -d '{ "event_type": "call.booked", "target_url": "https://api.example.com/webhooks/aura" }'{
"success": true,
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"event_type": "call.booked",
"target_url": "https://api.example.com/webhooks/aura",
"created_at": "2026-01-17T08:00:00Z"
}
}{
"success": false,
"error": "Webhook subscription not found",
"code": "WEBHOOK_NOT_FOUND"
}{
"success": false,
"error": "Webhook subscription not found",
"code": "WEBHOOK_NOT_FOUND"
}