Generic webhook

Send each accepted submission to your own HTTPS endpoint as JSON. This is the path to use when you want Formspring’s versioned envelope, optional field filters, payload picks/renames, and a cryptographic signature you can verify on your server.

What you need

A publicly reachable HTTPS URL that accepts POST with JSON.
Your server (or serverless function) ready to read headers and body.

What Formspring sends

The JSON body uses an api_version, an event, and a data object that includes submission id, form_id, timestamps, status, the field payload, optional consent snapshot, and a files array with metadata (field name, original filename, mime type, size)-not the raw file bytes.

Formspring adds:

X-Formspring-Signature: t=<unix>,v1=<hex> – HMAC-SHA256 over <t>.<rawBody> with your webhook secret (Stripe-style).
X-Formspring-Event and X-Formspring-Delivery for tracing.

Optional dashboard controls

When you edit a generic webhook (not a built-in provider card), Formspring may show:

Filter – only deliver when a submitted field matches your rule.
Included fields – send a subset of payload keys.
Rename fields – change keys before signing and sending.

Built-in integrations like Slack or Make do not use this screen; they use each vendor’s own format.

Steps

Implement an HTTPS endpoint that reads the raw body as a string (for signature verification), then parses JSON.
In Formspring, add a generic webhook, paste the URL, optionally set filters or maps, Save, and note the signing secret if your code needs it.
Send a test submission and verify your logs.
Confirm Deliveries shows 2xx from your endpoint.

Tips

Verify the signature before trusting the JSON.
On failure, Formspring retries with backoff; fix your endpoint and use Replay.
File downloads use Formspring’s authenticated flows-use submission and file APIs from your backend after you trust the webhook.

More help

In-product examples also appear on the Generic Webhook marketing page.