Skip to main content

Setting up Lead Webhooks

These instructions explain how to create a new Shared Token and Configure Lead Webhook Authentication

Written by Michael Fatica

Lead Webhooks allow MetaLocator to securely send lead submissions in near-real time to external systems such as CRMs, marketing automation platforms, internal APIs, middleware platforms, and custom applications.

This feature is commonly used by Enterprise customers who need to:

  • Push leads into internal business systems immediately after submission

  • Integrate MetaLocator with platforms such as Salesforce, HubSpot, Zapier, Make, or custom APIs

  • Trigger downstream workflows or automations

Configuring a Lead Webhook

  1. Login to MetaLocator

  2. Click Interfaces

  3. Navigate to the Interface that will be generating leads and click Edit

  4. Click the Lead Generation Tab

  5. Provide your Webhook URL in the Lead Webhook URL setting.

Configuring Lead Webhook Authentication

With "Shared Token" authentication enabled, MetaLocator signs outbound webhook requests using a secure shared secret (the token). Your receiving application can then verify the signature using the same Shared Token to ensure the request has not been modified and was sent by a trusted source.

These instructions explain how to:

  1. Create a new Shared Token

  2. Configure Lead Webhook Authentication

  3. Assign the Shared Token to your interface

  4. Securely validate incoming webhook requests

First, create a new Shared Token as follows:

  1. Login to MetaLocator

  2. Click "My User Profile"

  3. Click "API Keys"

  4. Click New

  5. Choose "Shared Token"

  6. Provide a name for the token and click Save

  7. Copy the provided token and save in a safe place for use in your integration.

  8. Click Interfaces

  9. Navigate to the Interface that will be generating leads and click Edit

  10. Click the Lead Generation Tab

  11. Choose Signature Verification (Shared Token) for the "Lead Webhook Authentication" setting

  12. Choose the Shared Token created in step 6 for the Shared Token setting just below the "Lead Webhook Authentication" setting

  13. Save the Interface

The webhook payload now includes special headers which allow your receiving application to verify that the webhook actually came from MetaLocator. Details on this process are documented here.

Error Handling in Lead Webhooks

The HTTP Response Code and HTTP Response Body will be stored along with the lead object. Your Webhook should respond with an appropriate HTTP status code indicating success, e.g. 200.

Retrying Webhooks

If a lead webhook fails to send, you can retry the webhook from the Leads screen. Retrying a webhook sends the original webhook payload again without re-sending the lead notification or creating a duplicate lead. Read more here.

Error Reports

When a webhook failure is detected, MetaLocator will email the account owner an error report. Error reports are generated in the following scenarios:

  1. HTTP response codes of 300 or greater will trigger an error report.

  2. Unresponsive endpoints that timeout

  3. Endpoints with an invalid SSL certificate

  4. Unresolved DNS of the Webhook URL

  5. Network connectivity issues.

Endpoints that fail to establish an HTTP connection will be stored with an "999" HTTP status code and any error messages will be stored in the Webhook Response field.

A sample Webhook error email can be found below:

Related Articles
Exporting Leads
Webhook Security
Expiring Lead Notifications
Lead data anonymization
Retrying a Failed Lead Webhook
Did this answer your question?