HTTP request
AISAR sends a signed POST request to your webhook_url:
http
POST {webhook_url}
Content-Type: application/json
X-AISAR-Signature: sha256=...
{
"event": "contact.updated",
"event_id": "evt_01JXXXXXXXXXXXXXXXXXXXXX",
"timestamp": "2026-03-26T12:00:00.000000Z",
"company_id": 1,
"data": {
"contact": {
"id": 10,
"display_name": "John Doe",
"first_name": "John",
"last_name": "Doe",
"second_name": null,
"phone": "+77001234567",
"email": "john@example.com",
"status": "customer",
"company": null,
"title": null,
"is_group": false,
"phones": ["+77001234567"],
"emails": ["john@example.com"],
"created_at": "2026-03-26T12:00:00.000000Z"
}
}
}The X-AISAR-Signature header carries an HMAC-SHA256 signature of the request body — use it to verify the request came from AISAR.
Example payload
json
{
"event": "contact.updated",
"event_id": "evt_01JXXXXXXXXXXXXXXXXXXXXX",
"timestamp": "2026-03-26T12:00:00.000000Z",
"company_id": 1,
"data": {
"contact": {
"id": 10,
"display_name": "John Doe",
"first_name": "John",
"last_name": "Doe",
"second_name": null,
"phone": "+77001234567",
"email": "john@example.com",
"status": "customer",
"company": null,
"title": null,
"is_group": false,
"phones": ["+77001234567"],
"emails": ["john@example.com"],
"created_at": "2026-03-26T12:00:00.000000Z"
}
}
}Payload fields
| Field | Type | Description |
|---|---|---|
contact.id | integer | Internal contact ID |
contact.display_name | string|null | Contact display name |
contact.first_name | string|null | First name |
contact.last_name | string|null | Last name |
contact.second_name | string|null | Middle name |
contact.phone | string|null | Primary phone number |
contact.email | string|null | Primary email address |
contact.status | string | lead or customer |
contact.company | string|null | Company name |
contact.title | string|null | Job title |
contact.is_group | boolean | Whether this is a group contact |
contact.phones | array | All phone numbers (strings) |
contact.emails | array | All email addresses (strings) |