Trigger document creation from external tools by POSTing JSON to a unique Crove endpoint.

Incoming Webhooks

Incoming webhooks let any external system (CRM, form builder, your own backend, no-code platforms like Pabbly or Make) trigger Crove document creation by sending a JSON payload to a unique URL.

This is the inverse of outgoing webhooks:

Outgoing — Crove → your server when an event happens
Incoming — your server → Crove to make something happen

Setting up an endpoint

Open Settings → Integrations → Incoming Webhooks
Click Add endpoint
Fill in:
- Name — internal label, e.g. HubSpot lead → NDA
- Template — which template to instantiate
- Action — what to do with the payload:
  - create_document — create the document, leave it in Draft
  - generate_pdf — same as above plus immediately fire PDF generation and return the S3 URL in the response
Click Create endpoint

Crove generates a unique slug (UUID) and returns the full URL:

https://hello.crove.app/api/webhooks/incoming/<slug>

Copy it from the row's Endpoint URL field. The Copy button guards against typos.

Sending a payload

POST any JSON to the endpoint:

curl -X POST https://hello.crove.app/api/webhooks/incoming/<slug> \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Alice Acme",
    "email": "alice@acme.com",
    "amount": 50000
  }'

Crove maps payload keys onto the template's variable names. So if your template has variables name, email, amount, they get populated from the payload of the same names.

Field mapping

By default, payload keys map directly to variable names. For the times when the source system uses different naming, configure a field mapping on the endpoint:

{
  "fieldMapping": {
    "Customer Name": "name",
    "Email Address": "email",
    "Deal Value": "amount"
  }
}

The keys are payload field names, the values are Crove variable names. Anything not in the mapping falls back to the default direct-mapping rule.

Response shape

A successful create returns:

{
  "success": true,
  "documentId": "doc_…",
  "fillUrl": "https://hello.crove.app/fill/<authToken>"
}

When the action is generate_pdf, the response also includes:

{
  "pdfUrl": "https://crove-nextjs.s3...amazonaws.com/...response.pdf?X-Amz-..."
}

The presigned URL is valid for 1 hour. If you need it later, fetch the document via the public API.

Errors return:

{
  "success": false,
  "message": "Template not found"
}

with appropriate HTTP status (400 for malformed payload, 404 for endpoint not found, 403 for inactive endpoint).

Managing endpoints

Each endpoint row in the list shows:

Name + template name + action
Active / Disabled badge
Endpoint URL with Copy button
A curl example tailored to that endpoint
Trash icon to delete

To pause an endpoint without deleting it, set its active field to false via the API (UI toggle is on the way). Inactive endpoints reject all incoming POSTs with 403.

To delete an endpoint, click the trash icon. Confirmed deletes are immediate — the URL stops working and any in-flight POSTs will fail.

Security

Incoming webhook URLs are bearer-style secrets — anyone with the URL can trigger document creation. Treat them like API keys:

Never commit them to source control
Don't expose them in client-side JavaScript
Rotate by deleting + re-creating if leaked
For high-trust integrations, layer in additional checks via the source system's filtering (e.g. Pabbly's pre-condition steps)

Tracking deliveries

Inbound POSTs are logged like any other system event. View incoming-webhook activity:

Per-document — appears in the document's audit trail
Per-org — surfaces in the dashboard's recent activity feed

Failed deliveries (e.g. a payload that referenced a deleted template) are also logged with the failure reason.

Common patterns

CRM → contract draft

A new "Won" deal in HubSpot fires a webhook into Crove that creates a contract document pre-populated with the customer's details. Sales sees the draft in the dashboard, reviews, sends for signature.

Form builder → response logging

A Typeform submission posts the response to a Crove incoming webhook configured for an "intake form" template. The created document holds the structured response and triggers downstream PDF generation automatically.

Internal tool → bulk doc creation

A Python script iterates a customer list, POSTs each entry to the incoming webhook. Use the response's fillUrl to send personalized signing requests via your own email pipeline if you want to bypass Crove's invitation flow.

Incoming Webhooks

Incoming webhooks let any external system (CRM, form builder, your own backend, no-code platforms like Pabbly or Make) trigger Crove document creation by sending a JSON payload to a unique URL.

This is the inverse of outgoing webhooks:

Outgoing — Crove → your server when an event happens
Incoming — your server → Crove to make something happen

Setting up an endpoint

Open Settings → Integrations → Incoming Webhooks
Click Add endpoint
Fill in:
- Name — internal label, e.g. HubSpot lead → NDA
- Template — which template to instantiate
- Action — what to do with the payload:
  - create_document — create the document, leave it in Draft
  - generate_pdf — same as above plus immediately fire PDF generation and return the S3 URL in the response
Click Create endpoint

Crove generates a unique slug (UUID) and returns the full URL:

https://hello.crove.app/api/webhooks/incoming/<slug>

Copy it from the row's Endpoint URL field. The Copy button guards against typos.

Sending a payload

POST any JSON to the endpoint:

curl -X POST https://hello.crove.app/api/webhooks/incoming/<slug> \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Alice Acme",
    "email": "alice@acme.com",
    "amount": 50000
  }'

Crove maps payload keys onto the template's variable names. So if your template has variables name, email, amount, they get populated from the payload of the same names.

Field mapping

By default, payload keys map directly to variable names. For the times when the source system uses different naming, configure a field mapping on the endpoint:

{
  "fieldMapping": {
    "Customer Name": "name",
    "Email Address": "email",
    "Deal Value": "amount"
  }
}

The keys are payload field names, the values are Crove variable names. Anything not in the mapping falls back to the default direct-mapping rule.

Response shape

A successful create returns:

{
  "success": true,
  "documentId": "doc_…",
  "fillUrl": "https://hello.crove.app/fill/<authToken>"
}

When the action is generate_pdf, the response also includes:

{
  "pdfUrl": "https://crove-nextjs.s3...amazonaws.com/...response.pdf?X-Amz-..."
}

The presigned URL is valid for 1 hour. If you need it later, fetch the document via the public API.

Errors return:

{
  "success": false,
  "message": "Template not found"
}

with appropriate HTTP status (400 for malformed payload, 404 for endpoint not found, 403 for inactive endpoint).

Managing endpoints

Each endpoint row in the list shows:

Name + template name + action
Active / Disabled badge
Endpoint URL with Copy button
A curl example tailored to that endpoint
Trash icon to delete

To pause an endpoint without deleting it, set its active field to false via the API (UI toggle is on the way). Inactive endpoints reject all incoming POSTs with 403.

To delete an endpoint, click the trash icon. Confirmed deletes are immediate — the URL stops working and any in-flight POSTs will fail.

Security

Incoming webhook URLs are bearer-style secrets — anyone with the URL can trigger document creation. Treat them like API keys:

Never commit them to source control
Don't expose them in client-side JavaScript
Rotate by deleting + re-creating if leaked
For high-trust integrations, layer in additional checks via the source system's filtering (e.g. Pabbly's pre-condition steps)

Tracking deliveries

Inbound POSTs are logged like any other system event. View incoming-webhook activity:

Per-document — appears in the document's audit trail
Per-org — surfaces in the dashboard's recent activity feed

Failed deliveries (e.g. a payload that referenced a deleted template) are also logged with the failure reason.

Incoming Webhooks

Incoming Webhooks

Setting up an endpoint

Sending a payload

Field mapping

Response shape

Managing endpoints

Security

Tracking deliveries

Common patterns

CRM → contract draft

Form builder → response logging

Internal tool → bulk doc creation

See also

On this page

Incoming Webhooks

Incoming Webhooks

Setting up an endpoint

Sending a payload

Field mapping

Response shape

Managing endpoints

Security

Tracking deliveries

Common patterns

CRM → contract draft

Form builder → response logging

Internal tool → bulk doc creation

See also

On this page