Webhooks

Receive HTTP requests from external services and trigger your workflows automatically.

What are Webhooks?

Webhooks give your OpenClaw gateway callable HTTP endpoints. When an external service sends a POST request to one of these URLs, it triggers a workflow that runs your defined steps.

This is perfect for connecting services like GitHub, Stripe, CI/CD pipelines, monitoring tools, or anything that supports webhook notifications.

How It Works

🔀
Create a webhook workflow

Define a workflow with a webhook trigger and a unique path (e.g. /hooks/github-push).

📋
Copy the endpoint URL

ClawManager generates the full URL by combining your gateway address with the webhook path.

🔗
Paste it into the external service

Add the URL to GitHub, Stripe, or whatever service should trigger the automation.

Workflow runs on each POST

When the service sends a POST request, your workflow steps execute automatically.

Where to Find It

In Standard View, click the Globe icon in the top bar, open the ⚡ Automate category, and select the 🪝 Webhooks tab.

In Advanced View, go to the Automation page and select the Webhooks sub-tab.

Creating a Webhook Endpoint

Click Create Webhook Workflow. This opens the Workflow Editor with the trigger pre-set to Webhook. You need to configure:

  • Name: A descriptive name for the workflow (e.g. "GitHub Push Handler").
  • Webhook Path: The URL path for this endpoint. Paths are auto-prefixed with /hooks/ so entering "github-push" becomes /hooks/github-push.
  • HMAC Secret: An optional shared secret for request signature verification. Strongly recommended for production use.
  • Steps: What should happen when the webhook fires. Add one or more steps: send to agent, notify a channel, run a command, or call another webhook.

The Webhooks Dashboard

Once you have webhook workflows, the Webhooks tab shows a table with all your endpoints:

| Column | What it shows |
| --- | --- |
| Workflow | Name and description |
| Endpoint | The path (e.g. /hooks/github-push) with a copy button for the full URL |
| HMAC | Green "Set" or amber "None" indicating whether a secret is configured |
| Last Triggered | When this webhook was last called (e.g. "3h ago") |
| Deliveries | Total number of webhook invocations |
| Enabled | Toggle switch to enable or disable the endpoint |
| Actions | Test (fire a synthetic POST) and History (view delivery log) |

Delivery Log

Click the expand arrow or the History button on any webhook to see its delivery log. This shows the last 50 webhook-triggered runs with:

  • Timestamp — when the webhook was called
  • Status — success ✅ or failed ❌
  • Duration — how long the workflow took to execute
  • Output — any text output or error messages

Use the Test button to fire a synthetic POST request to your endpoint. This is helpful for verifying your workflow works before connecting a real external service.

🔒 Security

Without an HMAC secret, anyone who knows your webhook URL can trigger it. ClawManager shows an amber warning banner when any enabled endpoint has no secret configured.

⚠️ Recommendation: Always set an HMAC secret for production webhooks. This ensures only requests signed with your secret can trigger the workflow.

To set a secret, edit the webhook workflow and fill in the HMAC Secret field under the Webhook trigger settings. The external service also needs to be configured with the same secret so it can sign its requests.
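
How a shared-secret signature check of this kind works in general, shown as an added example that is not ClawManager's or OpenClaw's own code. The HMAC-SHA256 algorithm, the "sha256=<hex>" header format (the convention GitHub uses), the function names and the sample values are assumptions, since this page does not state which scheme the gateway implements.

```python
import hashlib
import hmac
from typing import Optional

PREFIX = "sha256="  # assumed signature format, not taken from the OpenClaw docs


def sign(secret: bytes, body: bytes) -> str:
    """What the sending service computes over the exact raw request body."""
    return PREFIX + hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify(secret: bytes, body: bytes, header: Optional[str]) -> bool:
    """What the receiving side checks before any workflow step runs."""
    if not secret:
        # An empty secret must never validate a request: fail closed.
        return False
    if not header or not header.startswith(PREFIX):
        # Missing or malformed signature header: reject.
        return False
    expected = sign(secret, body)
    # compare_digest takes the same time wherever the first mismatch is,
    # so response timing does not reveal how much of a signature matched.
    return hmac.compare_digest(expected.encode(), header.encode())


# Constructed sample values, for illustration only.
SECRET = b"example-shared-secret"
BODY = b'{"ref":"refs/heads/main","pusher":"alice"}'

if __name__ == "__main__":
    good = sign(SECRET, BODY)
    print("valid signature:", verify(SECRET, BODY, good))
    print("tampered body:  ", verify(SECRET, BODY + b" ", good))
    print("wrong secret:   ", verify(b"guess", BODY, good))
    print("no header:      ", verify(SECRET, BODY, None))
```

The signature covers the raw bytes as received, so a receiver that parses and re-serializes the JSON before checking will compute a different digest and reject valid requests.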

For additional access control, see the Security docs, including domain allowlists and gateway exposure settings.

Common Use Cases

🐙 GitHub

Trigger a workflow on push, PR opened, or issue created. Have your agent review the PR, summarize changes, or run tests.

💳 Stripe

React to payment events. Notify a channel when a subscription starts, or have your agent log revenue data.

🔧 CI/CD

Connect your CI pipeline (GitHub Actions, GitLab CI, Jenkins) so your agent gets notified on build success or failure.

📊 Monitoring

Wire up Grafana, Datadog, or UptimeRobot alerts. When an incident fires, your agent can investigate and notify you.

Next Steps

Learn about the full Workflow system for more trigger types and step options, or head to Security to lock down your endpoints. See Automation for heartbeats and cron jobs.