Webhooks
ZenSearch receives webhooks from connected source platforms and automation triggers. There is no outbound webhook delivery for ZenSearch-internal events (sync.completed, document.indexed, etc.) on the public API.
Connector change webhooks
Inbound notifications from your data source platforms trigger an incremental reindex of the corresponding connector — much faster than waiting for the next scheduled poll.
Endpoints
POST /webhooks/connectors/{connectorType}
POST /webhooks/connectors/{connectorType}/{connectorID}
GET /webhooks/connectors/{connectorType}/validate
{connectorType} is one of the supported types below. The /validate endpoint exists so platforms that require a verification challenge (Google Drive, SharePoint) can confirm the URL is reachable before activating notifications.
Supported inbound providers
| Provider | Subscription style | Auth |
|---|---|---|
| Google Drive | Push notifications API (changes.watch) | Google channel token + auto-renewed expiry |
| SharePoint / OneDrive | Microsoft Graph subscriptions | Subscription clientState + auto-renewed expiry |
| GitHub | Repository webhook (push, pull_request, repository) | HMAC-SHA256 (X-Hub-Signature-256) |
| Slack | Events API (message, message_changed, message_deleted, file_shared) | Slack signing secret (X-Slack-Signature) |
Other connectors (S3, Confluence, Jira, Notion, Azure Blob, Salesforce, SAP, HubSpot, Web Crawler) sync on a schedule only and do not currently consume inbound webhooks.
Subscription renewal
Subscription-based providers (Google Drive, SharePoint, GitHub) have their notification subscriptions auto-renewed by a background job before they expire. Operators do not need to re-register webhooks manually.
Signature validation
Each provider uses its native signature scheme. Configure the shared secret on the connector when you create the webhook on the source platform; the secret is stored in the encrypted credential_secrets table and validated on every incoming request.
Inbound triggers
Several automation triggers also accept inbound webhooks. These are documented separately:
- Email triggers —
POST /api/v1/webhooks/email/{postmark|sendgrid|ses}ingests parsed inbound email and routes to matching automations - Event subscriptions —
POST /api/v1/webhooks/events/{provider}accepts Jira, Zendesk, GitHub, Confluence, Salesforce, HubSpot event payloads - Meeting triggers —
POST /api/v1/webhooks/meetings/{provider}accepts Zoom, Google Meet, Microsoft Teams meeting events - Slack approvals —
POST /api/v1/webhooks/slack/approvalshandles delegate-to-human approval button clicks
Each trigger has its own per-provider signing-secret configuration; see the relevant feature documentation.
Outbound webhooks
ZenSearch does not currently emit outbound webhooks for sync, indexing, or chat events. Subscribe to changes by polling the dashboard API or, for chat/search, consume the SSE event stream returned by /v1/chat/stream.