Webhooks Overview

ChatYug forwards WhatsApp events to your HTTPS endpoint as JSON POST requests.

How it works

  1. Meta sends WhatsApp events to ChatYug.
  2. ChatYug processes and stores the event.
  3. ChatYug POSTs a normalized JSON payload to your configured webhook URL.

Configuration

Webhook URLs are configured only in the ChatYug portal — there is no External API endpoint to register or rotate webhooks programmatically.

Webhook Settings (login required): https://chatyug.com/webhook-settings

For each WABA you can set:

  • Webhook URL — public HTTPS endpoint on your server
  • Secret key — optional, used for HMAC signature verification
  • Active flag — enable or pause delivery

URL requirements

  • Must use HTTPS (HTTP allowed only in test environments when explicitly enabled server-side)
  • Must not resolve to private, local, or internal hostnames
  • Must return HTTP 2xx to acknowledge receipt

Event types

eventTypeWhen fired
messageCustomer sends a message (text, media, interactive reply, flow submission, etc.)
statusOutbound message status changes (sent, delivered, read, failed)
orderCustomer places a WhatsApp catalog cart order
testPortal "Send test event" to validate your endpoint

Payload envelope

Every outbound webhook uses the same top-level structure. See Event Reference for per-type data shapes.

{
  "eventType": "message",
  "userId": 42,
  "wabaId": "100000000000002",
  "phoneNumberId": "100000000000001",
  "eventId": "wamid.HBgMOTE5ODc2NTQzMjEwFQIAERgSQjAwMDAwMDAwMDAwMDAwAA==",
  "occurredAt": "2026-07-13T07:00:00.000Z",
  "data": { }
}

Headers

HeaderDescription
Content-Typeapplication/json
X-Chatyug-Event-IdSame value as eventId in the body — use for idempotency
X-Chatyug-Signaturesha256=<hex> HMAC of raw body when secret is configured

Next: Signature Verification · Retry & Troubleshooting