guidewebhooksintegrations

Connect Your Live Chat to Zapier, n8n, or Make

May 10, 2026 · Agentbot

Live chat tools have webhooks for a reason. Use them.

This is a walkthrough of connecting Agentbot (or any webhook-emitting chat tool) to Zapier, n8n, or Make — three of the most common workflow automation platforms. The pattern is the same across all three: receive a webhook, optionally verify the signature, route into your downstream system.

The webhook contract

Before the integration steps, the part most guides skip: what's actually in the webhook.

Agentbot emits HMAC-signed webhooks for every meaningful event:

  • conversation.created — new chat opened
  • conversation.updated — status, assignment, needs_human flag changed
  • conversation.closed — chat ended (by AI auto-resolve, agent close, or visitor leave)
  • message.created — new message in any conversation
  • ticket.created — async ticket filed
  • ticket.updated — status, assignment, priority changed

Each request body is JSON with the event type, the relevant entity (conversation / message / ticket), and metadata (timestamps, IDs, visitor info). Full payload reference at /docs/webhooks.

Two headers matter:

X-Agentbot-Event: conversation.created
X-Agentbot-Signature: <hex HMAC SHA-256 over the raw body>

The signature is computed with HMAC SHA-256 using your webhook secret (configured per-endpoint in the dashboard). Verifying in code is three lines:

const expected = crypto.createHmac('sha256', SECRET).update(rawBody).digest('hex');
const ok = crypto.timingSafeEqual(Buffer.from(expected), Buffer.from(receivedSignature));

Use timingSafeEqual, not === — string comparison leaks timing info that can be exploited to forge signatures. Always.

Zapier setup

Zapier doesn't have an official Agentbot app yet. Use Webhooks by Zapier (the catch-hook trigger) — works today with no approval delay.

  1. New Zap → Trigger → Webhooks by Zapier → Catch Hook. Zapier generates a unique catch-hook URL — copy it.
  2. In Agentbot: Settings → Webhooks → New endpoint. Paste the Zapier URL. Pick events to subscribe to (typically conversation.updated with needs_human=true, or ticket.created).
  3. Test: trigger one of the events in Agentbot (e.g. send a chat that escalates). Zapier shows the payload. Map fields into the next action.
  4. Add downstream actions: Slack message, Notion row, Linear issue, HubSpot contact — any of Zapier's 6,000+ apps.

For signature verification, add a Code by Zapier step between the trigger and your downstream action:

const crypto = require('crypto');
const SECRET = 'your-webhook-secret';
const body = inputData.rawBody;
const sig = inputData.headers['x-agentbot-signature'];
const expected = crypto.createHmac('sha256', SECRET).update(body).digest('hex');
if (!crypto.timingSafeEqual(Buffer.from(expected), Buffer.from(sig))) {
  throw new Error('invalid signature');
}
output = { verified: true };

If signature verification fails, the Zap halts — the downstream action doesn't fire. Belt-and-braces protection against someone forging a webhook into your endpoint URL.

Cost note: Webhooks by Zapier works on Zapier's Free plan. Multi-step Zaps (Catch → Code → Slack, 3 steps) require the Starter plan.

n8n setup

n8n is the self-host-friendly Zapier alternative; if you're already running it, this is the simplest path.

  1. New workflow → trigger → Webhook node. Pick POST. n8n gives you a webhook URL (one URL per node — different for test mode vs production).
  2. In Agentbot: Settings → Webhooks → New endpoint → paste the n8n URL (production URL once you go live).
  3. Add a Code node for signature verification:
const crypto = require('crypto');
const SECRET = $('Webhook').first().json.headers['x-agentbot-secret'] || 'fallback';
const body = JSON.stringify($('Webhook').first().json.body);
const sig = $('Webhook').first().json.headers['x-agentbot-signature'];
const expected = crypto.createHmac('sha256', SECRET).update(body).digest('hex');
if (expected !== sig) { throw new Error('bad signature'); }
return { json: { verified: true, ...$('Webhook').first().json.body } };
  1. Route to your downstream node. n8n has 400+ integrations native (Slack, Discord, Notion, Linear, HubSpot, Airtable, Postgres, plus generic HTTP).

n8n's self-host edition is free and gives you unlimited workflow executions — for high-volume webhook fan-out, it's the cheapest path.

Make setup

Make (formerly Integromat) is the visually richest of the three. Same pattern.

  1. New scenario → trigger → Webhooks → Custom webhook. Make generates a URL.
  2. In Agentbot: Settings → Webhooks → New endpoint → paste the Make URL.
  3. Run the scenario once to register the payload schema (Make calls this "Determine data structure" — required so downstream modules know what fields are available).
  4. Add signature verification: insert a Tools → Set Variable + a Filter that checks the HMAC. Make's expression language can compute SHA-256 with sha256(rawBody, hex) but for HMAC specifically you may need a Lambda function module — fiddlier than Zapier or n8n.
  5. Route into downstream modules. Make has 1,500+ integrations.

Make's per-operation pricing can bite if you're processing >10k webhooks/month — at that volume, n8n self-hosted is more economical.

5 common workflows

What people actually wire up, in rough order of usefulness:

1. AI hand-off → Slack channel ping

conversation.updated filtered to needs_human=true → format as a Slack block message with visitor name, page URL, and last message → post to #support channel. The agent picks up the chat from the link in the message.

2. Ticket filed → Linear / GitHub issue

ticket.created → format the title from ticket.subject, body from ticket.description plus the conversation transcript link → create issue in the right Linear team or GitHub repo. The engineering team picks it up from their existing tooling.

3. New conversation with email → CRM contact

conversation.created with visitor email set → upsert into HubSpot / Pipedrive / Salesforce / Airtable. Tag the contact with "live chat" source.

4. Conversation closed → analytics row

conversation.closed → append a row to Google Sheets / Airtable / your warehouse. Include: duration, resolved-by (AI vs human), tag, sentiment if you compute it. Build a weekly dashboard.

5. AI auto-resolved → success channel

conversation.closed filtered to closed_by=ai → post to an internal #ai-wins Slack channel. Visibility into what the AI is handling builds team confidence and surfaces patterns worth doubling down on.

Pitfalls

Three failure modes worth dodging upfront:

Subscribing to message.created and routing every message to Slack. Don't. It's noise. Subscribe to higher-signal events (conversation.updated with filters, ticket.created) and let the message-level details live in the Agentbot dashboard.

Skipping signature verification because "it's only Slack on the other end". Bad logic. The webhook URL is discoverable (it's in your Zapier / n8n / Make config; if any of those leak, anyone can post forged events into your downstream systems). Verify always.

Building tight retry logic in the receiver. Agentbot already retries on 5xx with exponential backoff. Your receiver should be idempotent (de-dupe by event.id) rather than aggressive. Tight retry loops on both sides cause webhook storms.

Going further

The webhook surface is one direction (Agentbot → you). The write API (you → Agentbot, e.g. post a message into a conversation from outside) is on the roadmap; if you have a specific use case waiting on it, drop us a line.

For everyone who just wants to pipe support events into their existing tooling: this is the pattern that scales. One snippet to install the widget, three lines to verify the signature, route to whatever downstream system makes sense. No vendor-specific integration layer to maintain.

Try Agentbot — free during beta.

AI live chat that resolves most questions on its own. See pricing.

Get Agentbot — Free →