Webhooks
Webhooks let you connect is.team to any external service. Use incoming webhooks to create tasks from Zapier, Make.com, or custom scripts. Use outgoing webhooks to push is.team events to your own endpoints.
Incoming Webhooks
Incoming webhooks let external services create tasks in is.team. Send a POST request to the webhook endpoint with the required fields.
Endpoint
POST https://is.team/api/webhooks/incoming
Authentication
Bearer token from Account Settings → API tab.
Request Body
Required fields
workspaceId, boardId, columnTitle, title
Optional fields
type, priority, description
Info
Column matching is case-insensitive. If you send columnTitle: "to do", it will match a column named "To Do" or "TO DO".
Warning
The API token must belong to a user with owner or member role in the target workspace.
Example Request
curl -X POST https://is.team/api/webhooks/incoming \
-H "Authorization: Bearer ist_your_token_here" \
-H "Content-Type: application/json" \
-d '{
"workspaceId": "ws_abc123",
"boardId": "board_xyz",
"columnTitle": "To Do",
"title": "Review deployment logs",
"priority": "high",
"type": "bug"
}'Outgoing Webhooks
Outgoing webhooks push is.team events to your external endpoints in real time. Configure them from Workspace Settings → Webhooks tab (owner only).
Max webhooks
Up to 10 outgoing webhooks per workspace.
Signing
Every request includes an X-IsTeam-Signature header with HMAC-SHA256.
Supported Events
task.created
Fired when a new task is created on any board.
task.completed
Fired when a task is moved to a completed column.
task.moved
Fired when a task is moved between columns.
task.commented
Fired when a comment is added to a task.
Example Payload
{
"event": "task.completed",
"workspaceId": "ws_abc123",
"boardId": "board_xyz",
"timestamp": "2026-03-12T14:30:00.000Z",
"data": {
"taskId": "task_001",
"title": "Review deployment logs",
"number": 42,
"column": "Done",
"assignee": {
"uid": "user_123",
"displayName": "Jane Doe"
}
}
}Verifying Signatures
Every outgoing webhook request includes an X-IsTeam-Signature header. This is an HMAC-SHA256 digest of the request body, signed with your webhook secret. Always verify this signature before processing the payload to ensure it came from is.team.
const crypto = require("crypto");
function verifySignature(body, signature, secret) {
const expected = crypto
.createHmac("sha256", secret)
.update(body)
.digest("hex");
return crypto.timingSafeEqual(
Buffer.from(signature),
Buffer.from(expected)
);
}Using with Zapier & Make.com
Both Zapier and Make.com support custom webhook triggers and actions.
- 1
Create a Zap or Scenario
In Zapier or Make.com, create a new automation and select Webhooks as the trigger or action.
- 2
Use the incoming webhook URL
To create tasks in is.team, use a Webhooks by Zapier action pointing to https://is.team/api/webhooks/incoming with your Bearer token.
- 3
Or set up an outgoing webhook
To receive is.team events, add an outgoing webhook in Workspace Settings → Webhooks and paste the catch hook URL from Zapier or Make.com.
Tip
Test your webhook setup with a tool like webhook.site before connecting it to your production automation.