API Keys & Webhooks

WarmySender provides a REST API and webhook system for integrations:

API Keys (Settings > API Keys):
1) Click 'Create Key' and give it a name
2) Select scopes (permissions) for the key:
• Prospects: read / write
• Mailboxes: read / write
• Warmup: read / write
• Campaigns: read / write (create, update, start, pause)
• Enrollments: write
• Suppressions: read / write
• Webhooks: read / write
• Jobs: read
3) The full key is shown ONCE on creation — copy and save it securely
4) After creation, only the key prefix is stored (for identification)

Authentication:

• Use the header: Authorization: Bearer YOUR_API_KEY
• Keys are hashed with SHA-256 for storage security
• Keys can have an expiration date
• Revoke keys anytime from the API Keys tab

Webhooks (Settings > Webhooks):
1) Click 'Create Webhook' and enter your endpoint URL
2) Select which events to subscribe to:
• reply.received — A prospect replied to a campaign email
• email.bounced — An email hard-bounced
• email.unsubscribed — A prospect clicked the unsubscribe link
• email.opened — A prospect opened a campaign email
• email.clicked — A prospect clicked a tracked link
• prospect.suppressed — A prospect was added to the suppression list
• limit.hit — A daily sending limit was reached
3) Each webhook gets a unique secret for signature verification
4) Test your endpoint with the 'Test' button

Webhook Delivery:

• Events are delivered via HTTP POST to your endpoint
• Signed with HMAC-SHA256 (X-Warmy-Signature header)
• Failed deliveries are retried up to 10 times with exponential backoff
• Delivery history is tracked per webhook

For full API reference, visit warmysender.com/docs/integrations

Related guides in Platform

• Email & LinkedIn Templates
• Unified Inbox
• How We Measure Campaign Revenue (First-Touch Attribution)
• Analytics & Reporting
• Teams & Workspaces

Back to all documentation | Contact support