> For the complete documentation index, see [llms.txt](https://docs.plextrac.com/plextrac-documentation/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.plextrac.com/plextrac-documentation/product-documentation-1/account-management/account-admin/integrations-and-webhooks/webhooks.md). # Webhooks Webhooks are a real-time, event-driven communication method that allows PlexTrac to send data automatically when a specific event occurs. Using HTTP POST requests, webhooks enable immediate data transfer without constant pulling, making them efficient and lightweight. By providing a unique URL for event notifications, webhooks facilitate automation and real-time updates between applications while ensuring security through authentication methods and encryption. {% hint style="info" %} Developers and technical users seeking to automate webhook management or integrate PlexTrac with other systems should refer to the [API endpoint documentation](/plextrac-documentation/api-documentation/webhooks.md). This page provides detailed instructions on programmatically creating, updating, and testing webhooks, making it suitable for those who require greater flexibility and control over their integrations. {% endhint %} ## Webhooks vs. APIs APIs use a pull model where clients request data from servers, while webhooks employ a push model, automatically sending data to clients when specific events occur. APIs often require polling for updates, which can introduce latency and consume resources, whereas webhooks provide real-time notifications, making them more efficient for immediate actions. While APIs are suited for complex data manipulation and retrieval, webhooks excel in automating workflows with simple event-driven notifications. Additionally, APIs necessitate client-initiated requests, while webhooks require clients to set up a URL endpoint to receive data. ## List of Webhooks Webhooks offered at this time that run on the following PlexTrac trigger event: * On report publish * On assessment submission * On scheduler engagement submission * On finding publish ## Variables PlexTrac webhooks support dynamic variables that automatically substitute real data values into your outgoing webhook payload at the time an event fires. This allows you to build rich, context-aware integrations with external systems without post-processing or additional API calls. ### Overview Variables are placeholder tokens you embed directly in your webhook message body. When a webhook event is triggered, PlexTrac replaces each variable with its corresponding live value before sending the payload to the destination URL. This is useful for: * Passing report metadata to external project management tools * Correlating PlexTrac records with external system IDs stored in custom fields * Automating downstream workflows with structured, data-rich payloads

#### Report Custom Fields in Webhook Payloads You can include report-level custom field values in outbound webhook payloads, enabling seamless correlation between Plextrac report data and records in external systems. #### How It Works To include a custom field value in a webhook payload, add the following placeholder to your webhook configuration: ``` %REPORT_CUSTOM_FIELD_% ``` Replace `` with the exact label of the report custom field. At the time the event fires, Plextrac substitutes the placeholder with the field's current saved value. #### Supported Event Types Custom field substitution is available on the following webhook event types: * On report status change * On report finding publish ## Creating a Webhook Step 1: From the **Admin Dashboard**, click the **Webhooks** button under "Integrations & webhooks."

Step 2: Click **New webhook**.

Step 3: Select the webhook type. PlexTrac provides configured solutions for standard solutions, such as Slack and Microsoft Teams. {% hint style="info" %} Special permissions, such as admin access to the workspace or channel, may be required to complete the setup. \ \ Visit [Slack](https://api.slack.com/messaging/webhooks) and [Microsoft Teams](https://support.microsoft.com/en-us/office/create-incoming-webhooks-with-workflows-for-microsoft-teams-8ae491c7-0394-4861-ba59-055e33f75498) documentation for more information on configuring webhooks within those applications. {% endhint %}

Step 4: Click Continue.

Step 5: Enter the desired information on the page.

1. Provide a webhook name. 2. Confirm if this applies to all clients or a specific one(s). 3. Select the PlexTrac trigger event from the provided options. More than one can be selected. 4. Insert the url of the application receiving the webhook data. 5. Enter the secret to validate authentication of the connection (if applicable). 6. Enter an message data that should appear to the receiver of the webhook. 7. Click **Test connection** to validate the configuration of an endpoint. When activated, this test initiates a series of checks to ensure everything functions correctly. First, the button verifies that the provided URL is valid and accessible and no redirect occurred. It checks that the domain resolves correctly and that the endpoint responds with a `200 OK` status code, indicating that it is operational. In addition to these validations, the endpoint must respond within five seconds, although the response time should be under one second for optimal efficiency. For security purposes, if a secret is used, the button generates an HMAC-256 signature and includes it in the `X-Authorization-HMAC-256` header of the POST request. This ensures that any communication with the endpoint remains secure. Step 6: Click **Save.** The webhook is enabled by default but can be turned off by toggling the bar under the "Enabled" column. ## Managing Webhooks Existing configurations can be modified by clicking **Edit** under the "Actions" menu of the webhook.

Webhooks can be deleted, or event logs can be viewed by clicking the three dots under the "Actions" menu of the webhook.

--- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.plextrac.com/plextrac-documentation/product-documentation-1/account-management/account-admin/integrations-and-webhooks/webhooks.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.