Skip to main content

1. Headers

NameTypeRequiredDescription
AuthorizationstringNoCredential check (Bearer token) — pass it via the request header. Header format (case-sensitive): —header ‘Authorization: Bearer \[real Bearer token]’ Single quotes are required in the actual header. Square brackets are placeholders — don’t include them in the real header. The header key is fixed to Authorization and the value has the fixed prefix Bearer. Note: there must be a single space between the Bearer prefix and the real Bearer token.
Client-TokenstringNoFor idempotency. The header key is fixed to Client-Token and the value is generated by the caller (typically a UUID). Empty value = a new request. Non-empty = idempotent update — the same value within a 3-hour window only fires once.
Sample Bearer token request (square brackets are placeholders — replace before running, don’t include the brackets): 
curl --location --request POST '[real webhook URL]' \
--header 'Authorization: Bearer [real Bearer token]' \
--header 'Content-Type: application/json' \
--data-raw '{[real request body]}'

2. Request body

Set whatever fields you need. The body must be valid JSON.

3. Response body

If code in the response is not 0, the request failed. When code is non-zero, look up the code and message in the Error codes table below to debug. When the webhook receives the request successfully, the response looks like: 
{
"msg": "",
"data": { },
"code": 0
}
When the webhook hits an error, the response looks like: 
{
"data": { },
"code": 800004509,
"msg": "webhook trigger workflow is disabled"
}

4. Error codes

When a webhook trigger errors out, check the response on the caller side and match the code and message against the table below.
CodeMessageCauseResolution
800005649Credential check failedThe credential check is on, but the credential in the HTTP request doesn’t match what the automation expects — the run can’t proceed.Re-check and re-enter the credential.
800005650Source IP not in allowlistThe IP allowlist is on, and the request’s source IP isn’t on it.Add the IP to the allowlist or send the request from a permitted IP.
800005647Request body too largeThe webhook received an HTTP request larger than 4 MB.Trim the request body.
800005646Self-calling HTTP node — loop detected; change the HTTP node URLThe automation is triggered “when webhook is called” and its action is “send HTTP request” — and the HTTP URL is the same webhook URL, causing an infinite loop.Change the Send HTTP request URL — it must not match the webhook URL.
800005652Too many requests; try again laterThe webhook is rate-limited. - AI Table-wide webhook rate limit: 50 req/sec. - Per-automation webhook rate limit: 5 req/sec. - Automations without credential check (no Bearer token): 1 req/sec each.Try again later.
800006003Request body is not valid JSON; fix and retryTypically happens when using “set output via incoming request” — the received body is not valid JSON.Re-check the request body’s JSON, fix it, and retry.