Webhooks
Receive real-time notifications when consent events occur on your websites.
Overview
Webhooks allow you to receive HTTP POST notifications to your server whenever a consent event happens. This is useful for syncing consent data with your CRM, analytics platform, or compliance system.
Setting Up Webhooks
- Go to Integrations in your dashboard
- Click Add Webhook
- Enter your endpoint URL (must be HTTPS)
- Select the events you want to receive
- Save and test the webhook
Available Events
| Event | Description |
|---|---|
| consent.given | A visitor has given consent (accepted all or selected categories) |
| consent.denied | A visitor has denied all optional cookies |
| consent.updated | A visitor has changed their consent preferences |
| scan.completed | A cookie scan has finished |
| scan.failed | A cookie scan has failed |
Payload Format
Each webhook sends a JSON POST request with the following structure:
{
"event": "consent.given",
"timestamp": "2025-07-03T12:00:00Z",
"website_id": "abc-123",
"data": {
"visitor_id": "v_xyz789",
"preferences": {
"necessary": true,
"functional": true,
"analytics": true,
"marketing": false
},
"ip_country": "GB",
"user_agent": "Mozilla/5.0..."
}
}
Verifying Webhooks
Each webhook request includes an X-Cookiewise-Signature header containing an HMAC-SHA256 signature of the request body. Verify this signature using your webhook secret to ensure the request is authentic.
Retry Policy
If your endpoint returns a non-2xx status code, Cookiewise will retry the webhook up to 3 times with exponential backoff (1 minute, 5 minutes, 30 minutes).