Inbound Webhooks

Overview

Inbound webhooks provide you with a unique URL to send WhatsApp messages. Instead of calling our API directly, you can POST messages to your personalized webhook URL. This is useful for:

No-code integrations - Connect with Zapier, Make, n8n, and other automation tools
Simple HTTP calls - Send messages with a single POST request
Secure tokens - Each URL contains a unique token tied to your account

Each inbound webhook URL is unique to your account and instance combination. Keep your webhook URL secure like an API key.

Creating an Inbound Webhook

Create an inbound webhook in the Developer Portal or via API:

const webhook = await client.webhooks.createInbound({
  name: 'Zapier Integration',
  instanceId: 'inst_abc123'
});

console.log('Webhook URL:', webhook.url);
// https://api.enviaai.app/webhook/wh_xyz789abc123def456

Webhook URL Format

Your inbound webhook URL looks like this:

https://api.enviaai.app/webhook/{token}

The token uniquely identifies:

Your account
The linked WhatsApp instance
Permissions for this webhook

Sending Messages

Send a message by POSTing to your webhook URL:

curl -X POST "https://api.enviaai.app/webhook/wh_xyz789abc123def456" \
  -H "Content-Type: application/json" \
  -d '{
    "to": "5511999999999",
    "message": "Hello from my automation!"
  }'

Request Body

string

required

Recipient phone number in international format (without + or spaces)

message

string

Text message content. Required for text messages.

mediaUrl

string

URL of media file to send (image, video, audio, document)

mediaType

string

Type of media: image, video, audio, or document

caption

string

Caption for media messages

filename

string

Filename for document attachments

Response

success

boolean

Indicates if the message was queued successfully

messageId

string

Unique identifier for the message

status

string

Message status: queued

{
  "success": true,
  "messageId": "msg_abc123xyz",
  "status": "queued"
}

Examples

Send Text Message

curl -X POST "https://api.enviaai.app/webhook/YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "to": "5511999999999",
    "message": "Your order #12345 has been shipped!"
  }'

Send Image

curl -X POST "https://api.enviaai.app/webhook/YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "to": "5511999999999",
    "mediaUrl": "https://example.com/product.jpg",
    "mediaType": "image",
    "caption": "Check out our new product!"
  }'

Send Document

curl -X POST "https://api.enviaai.app/webhook/YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "to": "5511999999999",
    "mediaUrl": "https://example.com/invoice.pdf",
    "mediaType": "document",
    "filename": "Invoice-2026-001.pdf"
  }'

No-Code Integrations

Zapier

Create an inbound webhook in the Developer Portal
In Zapier, add a “Webhooks by Zapier” action
Choose “POST” request
Paste your webhook URL
Set payload type to JSON
Map your data to to and message fields

Make (Integromat)

Create an inbound webhook in the Developer Portal
Add an “HTTP” module to your scenario
Choose “Make a request”
Set URL to your webhook URL
Method: POST
Body type: JSON
Add to and message fields

n8n

Create an inbound webhook in the Developer Portal
Add an “HTTP Request” node
Set URL to your webhook URL
Method: POST
Body Content Type: JSON
Add your message parameters

Managing Inbound Webhooks

List Webhooks

curl "https://api.enviaai.app/v1/webhooks/inbound" \
  -H "Authorization: Bearer your-api-key"

Delete Webhook

curl -X DELETE "https://api.enviaai.app/v1/webhooks/inbound/iwh_abc123" \
  -H "Authorization: Bearer your-api-key"

Regenerate Token

If your webhook token is compromised, regenerate it:

curl -X POST "https://api.enviaai.app/v1/webhooks/inbound/iwh_abc123/regenerate" \
  -H "Authorization: Bearer your-api-key"

After regenerating the token, the old URL will stop working immediately. Update all your integrations with the new URL.

Security

Keep your URL private - Anyone with the URL can send messages from your instance
Use HTTPS only - All webhook URLs use HTTPS encryption
Regenerate if compromised - If your URL is exposed, regenerate the token immediately
Monitor usage - Check webhook logs for unexpected activity

Rate Limits

Inbound webhooks share rate limits with the Messages API:

Plan	Messages per Minute
Free	100
Starter	500
Pro	2,000
Enterprise	Custom

Error Codes

Code	Description
`invalid_token`	The webhook token is invalid or revoked
`instance_disconnected`	The linked instance is not connected
`invalid_phone_number`	Invalid phone number format
`rate_limit_exceeded`	Too many requests
`insufficient_credits`	Not enough credits in your account

Webhooks Overview - Receive events from EnviaAI
Send Message API - Send messages via REST API

API Reference

Mensagens

Instâncias

Webhooks

Contatos

Grupos

Inbound Webhooks

Overview

Creating an Inbound Webhook

Webhook URL Format

Sending Messages

Request Body

Response

Examples

Send Text Message

Send Image

Send Document

No-Code Integrations

Zapier

Make (Integromat)

n8n

Managing Inbound Webhooks

List Webhooks

Delete Webhook

Regenerate Token

Security

Rate Limits

Error Codes

API Reference

Mensagens

Instâncias

Webhooks

Contatos

Grupos

​Overview

​Creating an Inbound Webhook

​Webhook URL Format

​Sending Messages

​Request Body

​Response

​Examples

​Send Text Message

​Send Image

​Send Document

​No-Code Integrations

​Zapier

​Make (Integromat)

​n8n

​Managing Inbound Webhooks

​List Webhooks

​Delete Webhook

​Regenerate Token

​Security

​Rate Limits

​Error Codes

​Related

Overview

Creating an Inbound Webhook

Webhook URL Format

Sending Messages

Request Body

Response

Examples

Send Text Message

Send Image

Send Document

No-Code Integrations

Zapier

Make (Integromat)

n8n

Managing Inbound Webhooks

List Webhooks

Delete Webhook

Regenerate Token

Security

Rate Limits

Error Codes

Related