WHK
Step-by-Step Setup 20-30 minutes

Webhooks & API Setup

Automations & Workflows Advanced
Need more detail? Read the full guide for config deep-dives and best practices.

Webhooks & API Setup

Connect HighLevel to external services using outbound webhooks, receive data from external systems using inbound webhooks, and access the REST API programmatically. This guide walks you through each integration method.

Prerequisites

Before you begin, make sure you have:

  • Access to Automation > Workflows in your sub-account (for webhooks)
  • An external service to connect to (Zapier, Make, custom API, Slack, etc.)
  • API credentials or webhook URLs from the external service
  • Basic understanding of HTTP methods (GET, POST, PUT, DELETE) and JSON structure
  • For API access: Developer access to the marketplace portal at marketplace.gohighlevel.com/docs/

Set Up an Outbound Webhook

Push data from HighLevel to an external service automatically.

Go to Automation > Workflows and open an existing workflow or create a new one. Add a trigger that starts your workflow (like Form Submitted or Contact Tag Added).

Click the + button on the workflow line where you want to send data out. Search for Webhook in the Actions panel and select it.

Give the action a descriptive name like “Send Lead to Slack” or “Update External CRM.”

Choose POST as the HTTP method. This is the standard method for sending data to most external services.

Paste the destination URL from the external service. For Zapier or Make, this is the webhook URL provided when you create a new webhook trigger in their platform. For custom APIs, this is the endpoint URL you want to send data to.

Optionally add custom key-value pairs under Custom Data to include extra fields beyond the default contact data. For example, add a key called “source” with a value like “contact-form” to tag where the lead came from.

Click Save Action to add the webhook to your workflow.

Set Up a Custom Webhook

Build a fully customized HTTP request with custom methods, headers, authentication, and JSON payloads.

Click the + button on the workflow line and search for Custom Webhook. Select it to open the configuration panel.

Give the action a descriptive name. Choose CUSTOM (advanced) from the Event dropdown to unlock full control over the request.

Choose the HTTP method based on what your external service expects:

  • GET: Retrieve data from an external API (no request body)
  • POST: Create new records (include a JSON body)
  • PUT: Update existing records (include the record ID in the URL and updated fields in the body)
  • DELETE: Remove records (typically only requires the record ID in the URL)

Set the destination URL. Include path parameters like record IDs directly in the URL if needed.

Configure Authentication

Choose the authentication method your external service requires.

Expand the Authentication section. Select the method that matches your external service:

  • Bearer Token: Sends an Authorization: Bearer <token> header. Paste your access token in the provided field
  • API Key: Places your key in a custom header like X-API-Key. Enter the header name and key value
  • Basic Auth: Provide a username and password. HighLevel encodes and sends the Authorization: Basic header automatically
  • OAuth 2.0: Configure tokens in Global Workflow Settings > OAuth2 / Manage Tokens, then select the token from the dropdown
  • No Auth with Custom Headers: For services that use a bespoke header, choose No Auth and add the header manually in the Headers section

Never place API keys or tokens in the URL query string unless the provider specifically requires it. Always use headers for credentials.

Build the Request Payload

Construct the JSON body using contact data and dynamic values.

Set the Content-Type header to application/json if you are sending JSON data, or application/x-www-form-urlencoded if the service expects form data.

In the Body field, build your JSON payload. Use dynamic values like {{contact.first_name}}, {{contact.email}}, {{contact.phone}}, and {{contact.id}} to personalize each request.

Example flat JSON:

{
  "first_name": "{{contact.first_name}}",
  "last_name": "{{contact.last_name}}",
  "email": "{{contact.email}}",
  "phone": "{{contact.phone}}"
}

Example nested JSON:

{
  "contact": {
    "id": "{{contact.id}}",
    "name": "{{contact.name}}",
    "tags": ["{{contact.tag}}", "new-lead"]
  }
}

Click Save Action to add the custom webhook to your workflow.

Set Up an Inbound Webhook

Receive data from external systems and use it to trigger a workflow.

Create a new workflow or open an existing one. Click Add New Trigger and select Inbound Webhook from the Event Triggers category.

A unique webhook URL appears in the trigger configuration panel. Copy this URL. This is the destination you will paste into your external service.

Paste the webhook URL into your external system as the destination for outgoing data. For example, if you are using Zapier, paste the URL into a Zapier Webhook action at the end of a Zap.

Test the Inbound Webhook

Verify the webhook receives data correctly before building the workflow.

From your external system, send a test request to the webhook URL. Make sure the request includes a JSON payload with at least an email or phone number if you want the workflow to create or find a contact.

Return to the HighLevel workflow and click Test Trigger in the Inbound Webhook configuration panel. A list of received requests appears. Select the test request you just sent.

Click Save to store the mapping reference. The workflow automatically adds a Create/Update Contact action. Map the incoming fields (email, phone, name) to CRM fields.

The fields from your incoming payload are now available as custom values throughout the workflow. You can use them in SMS and email actions, If/Else conditions, and other webhook actions.

Access the REST API

Read and write data programmatically using the HighLevel REST API.

Go to https://marketplace.gohighlevel.com/docs/ to access the full API documentation. API v1 has reached end-of-support. All new development should use v2.

Choose your authentication method:

  • Private Integration Tokens: Best for internal tools and single-location integrations. Generate a token in your sub-account or agency settings under Settings > Integrations > API Key
  • OAuth 2.0: Required for public integrations, Marketplace apps, or scenarios where you access multiple locations. Follow the OAuth 2.0 setup guide in the developer documentation

Make Your First API Request

Test an API endpoint before building your integration.

Use a tool like Postman or cURL to test endpoints. For example, to list contacts in a location:

Endpoint: GET https://rest.gohighlevel.com/v1/contacts/

Headers:

  • Authorization: Bearer YOUR_API_TOKEN

Send the request. A successful response returns a status code of 200 and a JSON payload containing contact data.

Common status codes:

  • 200: Success
  • 400 / 422: Invalid payload. Check required fields, data types, and payload structure
  • 401 / 403: Unauthorized or forbidden. Verify your token, API key, or OAuth scopes
  • 404: Resource not found. Confirm the endpoint URL and path parameters
  • 429: Rate limited. Slow down requests or add delays between calls
  • 5xx: Server error. Retry later and contact support if the issue persists

Monitor API Rate Limits

Avoid rate limit errors by monitoring your usage.

HighLevel enforces two layers of rate limiting:

  • Burst limit: 100 requests per 10 seconds per Marketplace app per resource
  • Daily limit: 200,000 requests per day per Marketplace app per resource

Check the response headers in every API response to monitor your usage:

  • X-RateLimit-Limit-Daily: Total daily limit
  • X-RateLimit-Daily-Remaining: Requests remaining for the day
  • X-RateLimit-Interval-Milliseconds: Burst interval duration
  • X-RateLimit-Max: Burst limit
  • X-RateLimit-Remaining: Burst requests remaining

If you approach the burst limit, add delays between API calls. If you approach the daily limit, optimize your integration to reduce the number of requests.

Test Your Setup

Verify your webhook and API configurations are working correctly:

For Outbound Webhooks:

  • Use a tool like webhook.site to inspect the exact payload being sent
  • Check the Execution Logs in your workflow to confirm the webhook action shows a status of “Executed”
  • Verify the external service received the data and processed it correctly

For Inbound Webhooks:

  • Send a test request using Postman or cURL to the webhook URL
  • Click Test Trigger in the workflow to verify the data was received
  • Confirm the field mapping matches your expectations

For API Requests:

  • Test read operations (GET) before testing write operations (POST, PUT, DELETE)
  • Check response status codes and rate limit headers
  • Verify the data returned or updated matches your expectations

Next Steps

Now that your integrations are live, expand your automation capabilities:

  • Explore the full Webhooks & API guide for advanced use cases and troubleshooting
  • Connect multiple external tools using the Actions Library
  • Build complete automations in the Workflow Builder
  • Use If/Else Branching to route contacts based on data from external systems
  • Join the HighLevel Developer Slack community for coding help and API support
Back to GHL Features Table Read Full Guide

Stay sharp. New guides and playbooks as they drop.