I am testing my first webhook and cannot get it to trigger. I have tested the webhook trigger in a different environment (make.com) and it works fine. The results look like this:
You need to set the schedule using the thunder button on the left side. This ensures the triggers run perfectly at the scheduled time. For webhooks, you have to enable them and use the URL of your API. They will execute according to the schedule you set.
After testing different scenarios I realized you need to add the API key in the webhook url. https://api.retool.com/v1/workflows/xxx/startTrigger?workflowApiKey=retool_wk_yyy
I couldn't find this anywhere in the documentation but I guess it's a nice extra layer of security.
Noting that in addition to the option of including the API key in the webhook URL, it can alternatively be in the header.
We mention both in the docs, but it wasn't super clear before. The Docs and Workflows teams actually saw this topic, so they made an update to make the docs wording more clear/visible! Thanks @Shawn_Optipath@ZeroCodez for working to arrive at a solution to this topic and surfacing that this was confusing. Our teams do regularly monitor the forums for ways to improve both the docs and the product!
Previous docs wording:
The cURL request provided uses X-Workflow-Api-Key header to authenticate webhook requests. You can also use the workflowApiKey query parameter to authenticate webhook requests. While query parameters may be required by some 3rd party webhook integrations, be wary that this secret API key may be logged by those systems and Retool while logging requests to that url.
You can authenticate webhook events by using one of the following in the request:
The X-Workflow-Api-Key header.
The workflowApiKey query parameter.
Retool recommends using X-Workflow-Api-Key header unless your intended usage only supports query parameters (e.g., third-party integrations). Be wary when including the secret API key as a query parameter as it can be logged since it is part of the URL.
