Webhooks

Notificări în timp real pentru mesaje SMS, WhatsApp și Email primite.

Prezentare generală

RCSZilla poate trimite cereri HTTP POST către serverul tău ori de câte ori au loc evenimente specifice. Acest lucru îți permite să construiești integrări în timp real fără a fi nevoie de polling.

Câmp	Descriere	Configured in
`incoming_sms`	A new SMS message was received by your Android device.	Devices → Control → Webhooks tab
`incoming_whatsapp`	A new WhatsApp message was received by your Android device.	Devices → Control → Webhooks tab
`incoming_email`	A new email arrived in an IMAP inbox linked to your SMTP server.	Email Servers → Edit → Incoming Email (IMAP) section
`test`	A test event sent manually from the UI.	Same as above

Configurare

Incoming SMS / WhatsApp Webhook

Go to Devices and click the control icon for your device.
Open the Webhooks tab.
Enter your endpoint URL (must accept POST, return 2xx within 10 seconds).
Optionally set a Webhook Secret for HMAC signature verification.
Click Save, then Send Test Webhook to verify.

Incoming Email Webhook

Go to Email Servers and edit (or add) a server.
Expand the Incoming Email (IMAP) section.
Enable IMAP polling and fill in the IMAP host, port, encryption, and credentials.
Enter a webhook URL and optional secret.
Save. A cron job checks for new emails every 2 minutes.

Formatul cererii

Headere

Header	Descriere
`Content-Type`	`application/json`
`User-Agent`	`RCSZilla-Webhook/1.0`
`X-RCSZilla-Event`	Event type: `incoming_sms`, `incoming_whatsapp`, `incoming_email`, or `test`
`X-RCSZilla-Delivery`	Unique delivery ID (use for deduplication)
`X-RCSZilla-Signature`	`sha256=<hex-hmac>` — only present if you set a webhook secret. The HMAC is computed over the raw JSON body using SHA-256.

incoming_sms / incoming_whatsapp

Fired when the Android app calls submit_reply with a new message.

JSON

{
  "event": "incoming_sms",
  "timestamp": "2026-05-27T14:30:00Z",
  "data": {
    "id": 209,
    "from": "+40712345678",
    "message": "Yes, I want to book an appointment",
    "channel": "sms",
    "device_id": 6,
    "contact": {
      "id": 42,
      "name": "John Doe",
      "phone": "+40712345678"
    },
    "auto_reply": "Thanks! We will get back to you shortly."
  }
}

Câmp

Câmp	Tip	Descriere
`event`	string	`incoming_sms` or `incoming_whatsapp`
`timestamp`	string	ISO 8601 UTC timestamp
`data.id`	int	ID of the stored incoming message
`data.from`	string	Sender phone number
`data.message`	string	Message text
`data.channel`	string	`sms` or `whatsapp`
`data.device_id`	int	Device that received the message
`data.contact`	object\|null	Matched contact (id, name, phone) or null if unknown sender
`data.auto_reply`	string\|null	Auto-reply text sent back, or null if no rule matched

incoming_email

Fired when the IMAP cron finds a new email in the configured mailbox.

JSON

{
  "event": "incoming_email",
  "timestamp": "2026-05-27T14:30:00Z",
  "data": {
    "id": 310,
    "from_email": "customer@example.com",
    "from_name": "John Doe",
    "to_email": "support@yourbusiness.com",
    "subject": "Re: Your order #1234",
    "body_text": "Hi, when will my order arrive?",
    "received_at": "2026-05-27T14:28:00Z",
    "smtp_server_id": 5
  }
}

Câmp

Câmp	Tip	Descriere
`data.id`	int	ID of the stored email
`data.from_email`	string	Sender email address
`data.from_name`	string	Sender display name
`data.to_email`	string	Recipient (your mailbox)
`data.subject`	string	Email subject line
`data.body_text`	string	Plain-text body (first 2000 chars)
`data.received_at`	string	Original receive timestamp
`data.smtp_server_id`	int	Which SMTP/IMAP server received this

Verificarea semnăturilor

If you configure a webhook secret, each delivery includes an X-RCSZilla-Signature header. Verify it like this:

PHP

<?php
$payload = file_get_contents('php://input');
$secret  = 'whsec_your_secret_here';

$header    = $_SERVER['HTTP_X_RCSZILLA_SIGNATURE'] ?? '';
$expected  = 'sha256=' . hash_hmac('sha256', $payload, $secret);

if (!hash_equals($expected, $header)) {
    http_response_code(401);
    exit('Invalid signature');
}

$data = json_decode($payload, true);
// Process the event...
http_response_code(200);
echo json_encode(['ok' => true]);

Node.js

const crypto = require('crypto');

app.post('/webhook', (req, res) => {
  const payload = JSON.stringify(req.body);
  const secret  = 'whsec_your_secret_here';
  const sig     = req.headers['x-rcszilla-signature'] || '';
  const expected = 'sha256=' + crypto.createHmac('sha256', secret)
                                      .update(payload).digest('hex');

  if (sig !== expected) return res.status(401).send('Invalid signature');

  const { event, data } = req.body;
  console.log(`Received ${event}:`, data);
  res.json({ ok: true });
});

Python

import hmac, hashlib, json
from flask import Flask, request, abort

app = Flask(__name__)
SECRET = 'whsec_your_secret_here'

@app.route('/webhook', methods=['POST'])
def webhook():
    payload = request.get_data()
    sig     = request.headers.get('X-RCSZilla-Signature', '')
    expected = 'sha256=' + hmac.new(
        SECRET.encode(), payload, hashlib.sha256
    ).hexdigest()

    if not hmac.compare_digest(sig, expected):
        abort(401)

    data = json.loads(payload)
    print(f"Event: {data['event']}", data['data'])
    return {'ok': True}

Politica de reîncercare

If your endpoint returns a non-2xx status code, times out (10 seconds), or is unreachable, the delivery is retried with exponential backoff:

Attempt	Delay
1st retry	1 minute
2nd retry	5 minutes
3rd retry	30 minutes
4th retry	2 hours
5th retry (final)	12 hours

After 5 failed attempts the webhook is marked as permanently failed. Successfully delivered webhooks are automatically cleaned up after 7 days. Failed deliveries are retained for 30 days.

Listare livrări Webhook

GET /?endpoint=webhook_deliveries

Returnează o listă paginată de livrări webhook pentru utilizatorul autentificat, cu numărători pe status și filtrare opțională.

Parametri interogare

Câmp	Tip		Descriere
`status`	string	opțional	Filtrare după status: `pending`, `processing`, `sent` sau `failed`.
`event_type`	string	opțional	Filtrare după tip eveniment: `incoming_sms`, `incoming_whatsapp`, `incoming_email` sau `test`.
`limit`	int	opțional	Rezultate pe pagină (1–100). Implicit: 20.
`offset`	int	opțional	Offset paginare. Implicit: 0.

Exemplu cerere

cURL

curl "https://api.rcszilla.com/?endpoint=webhook_deliveries&status=pending&limit=10" \
  -H "Authorization: Bearer YOUR-API-TOKEN"

Răspuns

JSON

{
  "success": true,
  "total": 42,
  "limit": 10,
  "offset": 0,
  "counts": {
    "pending": 3,
    "sent": 38,
    "failed": 1
  },
  "deliveries": [
    {
      "id": 156,
      "event_type": "incoming_sms",
      "webhook_url": "https://your-server.com/hook",
      "status": "pending",
      "attempts": 0,
      "max_attempts": 5,
      "http_status": null,
      "last_error": null,
      "next_retry_at": "2026-05-27T14:31:00Z",
      "created_at": "2026-05-27T14:30:05",
      "last_attempt_at": null
    }
  ]
}

Numărători pe status

Obiectul counts oferă o imagine de ansamblu rapidă a tuturor stărilor webhook fără a parcurge fiecare livrare. Folosește-l pentru widget-uri dashboard sau verificări de sănătate.

Câmp	Descriere
`pending`	În coadă, așteaptă următoarea rulare cron sau fereastra de reîncercare.
`processing`	În curs de livrare de către worker-ul cron.
`sent`	Livrat cu succes (HTTP 2xx). Curățat automat după 7 zile.
`failed`	Toate încercările de reîncercare epuizate. Curățat automat după 30 de zile.

Obține livrare Webhook

GET /?endpoint=webhook_delivery

Returnează o singură livrare webhook după ID, inclusiv payload-ul complet care a fost (sau va fi) trimis la endpoint-ul tău.

Parametri interogare

Câmp	Tip		Descriere
`id`	int	obligatoriu	ID-ul livrării returnat de `webhook_deliveries`.

Exemplu cerere

cURL

curl "https://api.rcszilla.com/?endpoint=webhook_delivery&id=156" \
  -H "Authorization: Bearer YOUR-API-TOKEN"

Răspuns

JSON

{
  "success": true,
  "delivery": {
    "id": 156,
    "event_type": "incoming_sms",
    "webhook_url": "https://your-server.com/hook",
    "payload": {
      "event": "incoming_sms",
      "timestamp": "2026-05-27T14:30:00Z",
      "data": {
        "id": 209,
        "from": "+40712345678",
        "message": "Yes, I want to book",
        "channel": "sms",
        "device_id": 6,
        "contact": {
          "id": 42,
          "name": "John Doe",
          "phone": "+40712345678"
        },
        "auto_reply": null
      }
    },
    "status": "sent",
    "attempts": 1,
    "max_attempts": 5,
    "http_status": 200,
    "last_error": null,
    "next_retry_at": null,
    "created_at": "2026-05-27T14:30:05",
    "last_attempt_at": "2026-05-27T14:30:08"
  }
}

Folosește webhook_deliveries?status=failed pentru a monitoriza endpoint-urile defecte, sau status=pending pentru a verifica adâncimea cozii. Câmpul counts din răspunsul listei este ideal pentru dashboard-uri de monitorizare.

n8n Integration

To receive webhooks in n8n:

Add a Webhook node to your workflow and copy its URL.
Paste that URL into the webhook URL field in {APP_NAME} (Devices → Webhooks or Email Servers → IMAP).
Test to confirm n8n receives the event.
Connect downstream nodes to process the data (e.g., send a Slack message, update a CRM, trigger a reply).

Configurare Cron

Add these cron jobs to your server:

crontab

# Fire pending webhooks (every minute)
* * * * * /usr/bin/php /path/to/send_sms/cron/process_webhook_queue.php

# Poll IMAP inboxes for new emails (every 2 minutes)
*/2 * * * * /usr/bin/php /path/to/send_sms/cron/process_incoming_emails.php