LendWorksWebhook Events
Complete reference of all webhook event types, payloads, and the event catalog endpoint.
Event Catalog
Browse the full machine-readable catalog of all webhook events:
curl https://api.lend.works/v1/webhooks/catalogThis endpoint is public and requires no authentication.
Event Envelope
All webhook deliveries use a consistent envelope:
{
"id": "evt_550e8400-e29b-41d4-a716-446655440000",
"event": "lead.created",
"timestamp": "2025-01-15T10:30:00Z",
"data": {
"leadId": "d290f1ee-6c54-4b01-90e6-d701748f0851",
"orgId": "a1b2c3d4-5678-9abc-def0-123456789012",
"businessName": "Acme Corp"
}
}| Field | Type | Description |
|---|---|---|
id | string | Unique event ID (UUID prefixed with evt_) |
event | string | Event type string |
timestamp | ISO 8601 | When the event occurred |
data | object | Event-specific payload |
Lead Events
lead.created
Fired when a new lead is created through any channel (UI, API, web form, CSV import, dialer).
{
"id": "evt_550e8400-...",
"event": "lead.created",
"timestamp": "2025-01-15T10:30:00Z",
"data": {
"leadId": "d290f1ee-...",
"orgId": "a1b2c3d4-...",
"businessName": "Acme Corp",
"contactFirstName": "Jane",
"contactLastName": "Doe",
"email": "jane@acme.com",
"source": "api",
"priority": "high",
"stageId": "f1e2d3c4-...",
"advisorId": "e5f6g7h8-..."
}
}lead.status_changed
Fired when a lead moves to a new pipeline stage.
{
"id": "evt_661f9511-...",
"event": "lead.status_changed",
"timestamp": "2025-01-15T14:20:00Z",
"data": {
"leadId": "d290f1ee-...",
"orgId": "a1b2c3d4-...",
"previousStageId": "f1e2d3c4-...",
"previousStageLabel": "New Lead",
"newStageId": "b2c3d4e5-...",
"newStageLabel": "Qualified",
"changedBy": "e5f6g7h8-..."
}
}Application Events
application.submitted
Fired when an application (opportunity) is submitted to a lender.
{
"id": "evt_772a0622-...",
"event": "application.submitted",
"timestamp": "2025-01-15T11:00:00Z",
"data": {
"applicationId": "b5a6c7d8-...",
"orgId": "a1b2c3d4-...",
"lenderId": "c3d4e5f6-...",
"lenderName": "First Capital Finance",
"requestedAmount": "250000",
"submittedBy": "e5f6g7h8-..."
}
}application.approved
Fired when a lender approves an application.
{
"id": "evt_883b1733-...",
"event": "application.approved",
"timestamp": "2025-01-16T09:15:00Z",
"data": {
"applicationId": "b5a6c7d8-...",
"orgId": "a1b2c3d4-...",
"lenderId": "c3d4e5f6-...",
"approvedAmount": "250000",
"interestRate": "8.5",
"termMonths": 24
}
}application.declined
Fired when a lender declines an application.
{
"id": "evt_994c2844-...",
"event": "application.declined",
"timestamp": "2025-01-16T09:15:00Z",
"data": {
"applicationId": "b5a6c7d8-...",
"orgId": "a1b2c3d4-...",
"lenderId": "c3d4e5f6-...",
"reason": "Insufficient time in business"
}
}Deal Events
deal.funded
Fired when a deal is marked as funded.
{
"id": "evt_aa5d3955-...",
"event": "deal.funded",
"timestamp": "2025-01-20T16:00:00Z",
"data": {
"dealId": "f1a2b3c4-...",
"orgId": "a1b2c3d4-...",
"applicationId": "b5a6c7d8-...",
"lenderId": "c3d4e5f6-...",
"fundedAmount": "250000",
"commission": "5000",
"advisorId": "e5f6g7h8-..."
}
}Inbound Webhooks
LendWorks also supports inbound webhooks — receive data from external systems and trigger automations:
POST /v1/webhooks/inbound/{endpointKey}Inbound webhooks use HMAC-SHA256 signature verification (not API key auth). Each endpoint has:
- A unique
endpointKeyfor routing - A shared secret for signature verification
- Configurable payload mapping (JSONPath expressions)
- Automatic automation triggering based on mapped data
Signature Header
The primary signature header is X-lw-Signature. The X-Webhook-Signature header is also accepted for compatibility.
X-lw-Signature: <hmac-sha256-hex>Example: Receiving from an External System
# External system sends to your inbound webhook URL
curl -X POST https://api.lend.works/v1/webhooks/inbound/my-crm-sync \
-H "Content-Type: application/json" \
-H "X-lw-Signature: sha256=abc123..." \
-d '{"lead_name": "Acme Corp", "amount": 250000}'Response
{
"data": { "received": true },
"meta": { "requestId": "b43c53d6-e7f8-4a90-1234-567890123789" }
}Headers Sent with Webhooks
| Header | Description |
|---|---|
X-Webhook-Id | Unique delivery ID |
X-Webhook-Signature | HMAC-SHA256 signature for verification |
X-Webhook-Timestamp | Unix timestamp of delivery |
Content-Type | Always application/json |
See Webhooks for verification examples and retry policies.