Working with Webhook Tokens

Webhook Tokens are unique authentication keys designed for individual users on the Cliq platform. These tokens serve the purpose of authenticating incoming webhook calls from various sources. Each user is allowed to generate a maximum of 5 Webhook Tokens, ensuring secure and controlled access.


To connect webhooks with Cliq, you will be using endpoints that determine where the webhook message will be posted. Here are the different webhook endpoints available in Cliq and their respective descriptions:

  • Channels Message Endpoint: This endpoint enables you to post message notifications to a specific channel from any third-party application. By utilizing this endpoint, you can seamlessly relay important updates and information to designated Cliq channels.
  • Bots : Bots have two endpoints:
    • Incoming webhook endpoint: The Bot Incoming Webhook Endpoint facilitates real-time notifications. When connected to this endpoint, your Cliq component can promptly receive and process notifications from external sources. 
    • Bot Message Endpoint: The Bot Message Endpoint can be used to send messages to the bot.
  • Extensions:  If you have a Cliq Extension and wish to subscribe to events from a third-party application, the Extension Incoming Webhook Endpoint is the solution. By integrating with this endpoint, your extension can efficiently stay updated with relevant data. Extension webhook URLs have two endpoints:
    • Sandbox endpoint: This endpoint is during development for the developer to test the extension before publishing it on the marketplace.
    • Marketplace endpoint: This endpoint is used for the published version of the extension.

Managing Webhook Tokens

Webhook Tokens are listed under the Bots & Tools section along with all the other internal tools. Click on Generate New Token to create a Webhook Token. All your Webhook Tokens will be listed under Generated Tokens. Different data about your tokens wil lbe displayed here such as its name, the token unique id, number of invocations, the last time it was invoked and its status.

Note:  It should be noted that you can only generate a maximum of 5 tokens at any specific time.

You can rename your webhook tokens by clicking on the name of the token.

You can also copy the tokens by clicking on the copy to clipboard button that appears when you hover over them. The webhook token page also shows the number of invocations and the last invoked time of the webhook.  You can disable a token by clicking on its toggle switch under status (Any authentication that uses this token will not work till it's activated again). You also have the option to delete a token here.

Note : Deleting an active webhook token used in an integration will lead to failure. Make sure to replace a deleted webhook token with a new one for any existing integrations.

On clicking a token, you can view it's usage history. You also have the option to get a webhook URL directly from here by clicking on the "Get Webhook URL" button. On doing so, you get a popup where you can choose a module (channels, bots and extensions). Depending on the chosen module, the options will also get updated. Based on the chosen option, you will get the endpoints.