​

Overview

Webhooks enable your application to set up event based notifications. In this section, you’ll learn how to configure webhooks to receive updates from Fireflies.

​

Events supported

The webhooks support the following events:

• Transcription complete: Triggers when a meeting has been processed and the transcript is ready for viewing

​

Saving a webhook

Follow the instructions below to save a webhook URL that sends notifications for all subscribed events. This webhook will only be fired for meetings that you own.

You may test your webhook using the upload audio API or by uploading through the dashboard at app.fireflies.ai/upload

​

Upload audio webhook

You can also include a webhook URL as part of an upload audio request. This is different from the saved webhook as it will only send notifications for that singular audio upload request.

curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer your_api_key" \
  -d '{
    "query": "mutation($input: AudioUploadInput) { uploadAudio(input: $input) { success title message } }",
    "variables": {
      "input": {
        "url": "https://url_to_the_audio_file",
        "title": "title of the file",
        "webhook": "https://url_for_the_webhook"
      }
    }
  }' \
  https://api.fireflies.ai/graphql

​

Webhook Authentication

Webhook authentication ensures that incoming webhook requests are securely verified before processing. This allows consumers to trust that webhook events originate from a secure and verified source.

​

How It Works

Each webhook request sent from the server includes an x-hub-signature header containing a SHA-256 HMAC signature of the request payload. This signature is generated using a secret key known only to the server and your application.

When the consumer receives a webhook, they can use the signature provided in the x-hub-signature header to verify that the request has not been tampered with. This is done by computing their own HMAC signature using the shared secret key and comparing it to the signature included in the header.

​

Saving a secret

1. Go to the settings page at app.fireflies.ai/settings
2. Navigate to the Developer Settings tab
3. You can either:
   • Enter a custom secret key of 16-32 characters in the input field
   • Click on the refresh button to generate a random secret key
4. Click Save to ensure the secret gets updated
5. Make sure to store this secret key securely, as it will be used to authenticate incoming webhook requests

​

Verifying the Signature

1. Receive the Webhook:

   • Each request will include the payload and an x-hub-signature header

2. Verify the Signature:

   • Compute the HMAC SHA-256 signature using the payload and the shared secret key
   • Compare the computed signature to the x-hub-signature header value
   • If they match, the request is verified as authentic. If they do not match, treat the request with caution or reject it

By verifying webhook signatures, consumers can ensure that webhook events received are secure and have not been altered during transmission

​

See it in action

To see webhook authentication in action, you can view an example at Fireflies.ai Verifying Webhook Requests. This example demonstrates how to receive a webhook, compute the HMAC SHA-256 signature, and verify it against the x-hub-signature header to ensure the request’s authenticity.

​

Webhook Schema

​

Example Payload

{
    "meetingId": "ASxwZxCstx",
    "eventType": "Transcription completed",
    "clientReferenceId": "be582c46-4ac9-4565-9ba6-6ab4264496a8"
}

​

FAQ

​

Additional Resources