Skip to content

WebhookScript Examples


Do you have a nice example to share with other users? Or looking for even more examples? Take a look at the WebhookScript example repository, and make a pull request if you want to contribute:

Convert a date

In this example, if we assume the variable $mydate$ is set to 2021-07-26T16:23:50+03:00, the variable will be overwritten to 2021.07.26 16:23 for actions running after the WebhookScript action.

input = var('$mydate$')

output = date_format(input, 'YYYY.MM.DD HH:mm')

set('$mydate$', output)

For more information about available date format characters, see here:

Loop through and compare items

In this example, we loop through a series of items and pick the item that's contained in a string.

location = 'test ABC example';

compares = [
  '123': 'token1',
  'ABC': 'token2',
  'DEF': 'token3',

token = ''; // Default value

for (compare in array_keys(compares)) {
    if (location.contains(compare)) {
        token = compares[compare]

dump(token) // token2

Submit request with escaped JSON

If you're building a JSON object, we recommend doing it in WebhookScript instead of typing JSON in the Send Request action type. In this example, one of the JSON values contain HTML generated using the string_format function.

html_message = string_format(
    '<b><u>New {} lead</u></b><br>
Location: {}<br>
Message from customer:<br>
<div style="background:#CCC">{}</div>',

payload = json_encode([
    'lead': [
        'firstname': var('firstname'),
        'lastname': var('lastname'),
        'html': html_message

   ['Content-Type: application/json']

Validate request

In this example, we use a common method of verifying webhooks by taking a hash of its contents concatenated to a secret. It demonstrates the way WebhookScript can get various information about the request by using the get_variable() function, as well as string concatenation, hashing, if statements and returning responses with content, status codes and headers using respond(), which halts execution.

verification_secret = "JHRlc3RTY3JpcHRTZWNyZXQ"
verification_challenge = var("request.header.x-request-verification")
verification_result = hash(var("request.content") + verification_secret, "sha256")

if (!verification_challenge or verification_challenge != verification_result) {
    respond("Invalid request", 500)

headers = ['X-Success: Yes']
respond("Successful request", 200, headers)

Send a x-www-form-urlencoded request

content = query([
    'country': 'Curaçao', 
    'population': 158665
headers = ['Content-Type: application/x-www-form-urlencoded'];
response = request('', content, 'POST', headers);

Transform and resend

In the following, an incoming request is JSON decoded to an array, transformed and sent to "Web Service 1". Then the output is saved and passed on to "Web Service 2" in XML format. Basic error handling and validation is demonstrated.

// Configuration, fetched from the users' Global Variables in Control Panel
ws1_api_key = var('WS1_KEY')
ws2_user_token = var('WS1_USER_TOKEN')

// Function for error handling
function error (message) {
    echo('Error: {}'.format(message))
    respond(json_encode(['error': message]), 500)

// Parse original request
orig_req = json_decode(var('request.content'))

// If the JSON was invalid
if (!orig_req) {
  error('Invalid request')

// Send request to Web Service 1, using format() for string placeholders
// with JSON decoded values from the incoming request body
ws1_url = '{}/interest-categories/{}/interests'.format(

ws1_content = [
  'first_name': orig_req['firstName'],
  'last_name': orig_req['lastName']
ws1_response = request(
    ['Authorization: Basic ' + ws1_api_key]

// Don't go further if the Web Service 1 step didn't succeed
if (ws1_response['status'] != 200) {
  echo(ws1_response['content']); // Log content to output
  error('Invalid response from WS1')

// Get a value from the Web Service 1 request
ws1_response_id = json_decode(ws1_response)['id']

// Pass response on to Web Service 2 in XML format, using a multi-line string and format()
ws2_content = '
    <field fid="7">{}</field>
  </qdbapi>'.format(ws2_user_token, orig_req['listId'], ws1_group_id)

ws2_response = request(
    "Action: API_EditRecord", 
    "Content-Type: application/xml"

if (ws2_response['status'] != 200) {
  echo(ws2_response['content']); // Log content to debug log
  error('Invalid response from WS2')

// Output the WS2 response content to debug output
respond('OK', 200)

Telegram bot

The Messaging service Telegram allows bots using their API. The general principle is this:

  1. Create a Bot using the /newbot command sent to the BotFather Telegram User
  2. Using the bot token sent from BotFather, use the Telegram API to create a Webhook subscription (using your URL)
  3. Add some logic using WebhookScript!

Note: Everywhere you see TELEGRAM_TOKEN, replace it with the token you got from BotFather!

Subscribe to Webhook

To create the Webhook subscription, change the token and the URL to your own and go to the following URL in your browser:

You should get a response similar to this:

  "ok": true,
  "result": true,
  "description": "Webhook was set"

First incoming Webhook

When you add your bot to your Telegram contacts list, Telegram automatically sends a /start command to the bot, which triggers a Webhook similar to this:

  "update_id": 176446573,
  "message": {
    "message_id": 1,
    "from": {
      "id": 2346545645,
      "is_bot": false,
      "first_name": "Simon",
      "language_code": "en"
    "chat": {
      "id": 34534673234,
      "first_name": "Simon",
      "type": "private"
    "date": 1581706369,
    "text": "/start",
    "entities": [
        "offset": 0,
        "length": 6,
        "type": "bot_command"

You should be able to see this in the requests list.

From this, we have all the parts needed to build a script that answers to commands:

// Telegram API token

content = json_decode(var('$request.content$'));
msg = content['message']['text'];
response = "Couldn't come up with anything witty.";

if (msg == "How's it going?") {
    response = 'Pretty good.'
if (msg == "How's the weather?") {
    response = 'Raining.'
if (msg == r"You're (.*)") {
    match = regex_extract_first(r"You're (.*)", msg)
    response = 'No, YOU are {}'.format(match);
if (msg == "/start") {
    response = "Hi! I'm WebhookBot."

url = '{}/sendMessage'.format(token)
json = [
    'chat_id': content['message']['chat']['id'],
    'text': response
request(url, json_encode(json), 'POST');

Things to note:

  • The API token is added to the script, but could also have been saved in Global Variables in Control Panel and fetched out with the var() function.
  • The third if-statement uses regex matching to provide a dynamic response. Someone typing "You're a bot" would receive "No, YOU are a bot"
  • Finally, we JSON encode a WebhookScript array and send it using the request() function.

Simply copy this script into a WebhookScript Custom Action (remember to change the token!), and click Save Action.

"WebhookScript" Telegram Bot screenshot

Then, you can interact with the bot using the Telegram app:

"WebhookScript" Telegram Bot screenshot

And that's it! Congratulations on your bot. It's not very smart, but from here, the possibilities are endless!

Building HTML content

The following script builds a piece of HTML content using the string_format function, based on previously defined variables, and shows how to use a function to return different content based on input.

After this, it sends a JSON request (by converting an array to JSON via the json_encode function) containing the HTML using basic Bearer authentication.

function alert_class() {
    if (status == 'Operational') { return 'success'; }
    if (status == 'Degraded Performance') { return 'warning'; }
    if (string_contains(status, 'Disruption')) { return 'danger'; }

template = '
  <div class="alert alert-{}">
    <h2 class="alert-title">{} - {}</h2>
      {}<br />
      State: {}<br />
      Component affected: {}

postbody = string_format(

json = [
  'alert': [
    'title': '{} - {}'.format(component, state),
    'body': postbody,
    'draft': false,
    'types': ['alert']

    'Content-Type: application/json',
    'Authorization: Basic {}'.format(token)

Uploading and parsing CSV file

With this script, a file upload form is displayed when visiting the URL. After submitting the form, the CSV file is processed and validated (in this example, there must be more than 2 rows). If it can't be validated, an error message is shown. Finally, the user is shown an "Upload successful" message if the CSV file is valid.

url = var('request.url')
set_header('content-type', 'text/html');

// Display file upload form and exit if HTTP method is not POST
if (var('request.method') != 'POST') {
            <head><title>Upload CSV</title></head>
                <h1>Upload CSV</h1>
                <form action="{}" method="POST" enctype="multipart/form-data">
                    <input type="file" name="file"/>
                    <button type="submit">Upload</button>

// Use a comma as delimiter and treat first row (0) as header row
array = csv_to_array(var('request.file.file.content'), ',', 0)

// If CSV can't be parsed, or there's less than 2 rows, fail
if (!array or array.length() < 2) {
        <h1>Could not parse CSV</h1>
        <a href="{}">Upload again</a>

// Display the parsed CSV in JSON format 
    <h1>Upload successful</h1>
        <a href="{}">Upload again</a>
'.format(json_encode(array), url))