The Webhooks integration lets ContentPeaks send article data to almost any external system by posting directly to a public URL you control. It is a good fit when you want to connect a custom CMS, a static site workflow, an automation platform, or your own backend without relying on a native publishing integration.
Before you start
- A public webhook URL that can accept HTTP POST requests with JSON.
- A receiver that can validate either signature-based authentication or Bearer token authentication.
- A system on your side that knows how to store, publish, or route the article data after it is received.
How to connect Webhooks
- Open Settings → Integrations in ContentPeaks and choose Webhooks.
- Paste the webhook URL that should receive your article payloads.
- Choose Signature-based authentication if you want HMAC verification, or Bearer token authentication if you want a simpler setup.
- Save the webhook and copy the generated secret immediately when it is shown.
- Send a test delivery to confirm your endpoint accepts the payload correctly.
Common use cases
- Custom CMS platforms or static site generators such as Next.js, Hugo, or Jekyll.
- PHP-based systems such as Drupal, PrestaShop, or custom-built sites.
- Automation platforms such as Zapier, Make, or n8n.
- Serverless functions such as AWS Lambda, Vercel Functions, or Cloudflare Workers.
- Notifications or routing into tools like Slack, Discord, or internal dashboards.
Testing your webhook
After the webhook is saved, use the Send Test action in the integration settings. ContentPeaks sends a sample payload to your endpoint and shows the HTTP response so you can confirm the endpoint is reachable and the authentication logic works.
Test payloads include `test: true`, which makes it easy to handle them differently in your code if you do not want them to trigger full publish logic.
Authentication
ContentPeaks supports two authentication modes for outbound webhook requests. Signature-based authentication is the recommended default because it gives you cryptographic verification that the request body has not been modified. Bearer token authentication is simpler and works well with tools that only expect a shared token.
- Signature-based mode sends `X-ContentPeaks-Signature` and `Authorization: sha256=<signature>` headers.
- Bearer mode sends `Authorization: Bearer <secret>`.
- Every request also includes metadata headers such as `X-ContentPeaks-Event` and `X-ContentPeaks-Delivery`.
Payload format
Webhook deliveries include structured article data such as title, HTML content, Markdown content, slug, meta description, featured image, image list, publish timestamps, language, and publish/update state. The same structure is used for both real publishes and test deliveries.
- `title` for the article title.
- `content_html` for final HTML output.
- `content_markdown` for Markdown output.
- `slug` as the stable identifier for updates.
- `meta_description` for SEO description.
- `featured_image` and `images` for visual assets when available.
- `published_at`, `status`, and `is_republish` so your receiver can understand whether this is a first publish or an update.
Handling article updates
When you update an already published article, ContentPeaks sends the same article payload again with `is_republish: true`. The best pattern is to use the slug as your stable identifier and upsert the article on your side so you update the existing entry instead of creating a duplicate.