4 min read
Make.com webhook module
Wire Zenovay events into Make.com (formerly Integromat) scenarios — connect to Google Sheets, Airtable, HubSpot, Microsoft 365, Salesforce, and 1500+ other apps.
Make.com's Webhooks → Custom webhook module is what catches Zenovay events.
Outbound webhooks are a Zenovay Pro+ feature. Make.com's Custom Webhook is available on Make.com's Free tier.
1. Create the Make.com webhook
- In Make.com, create a new scenario.
- Click the + button → search "Webhooks" → pick Webhooks → Custom webhook.
- Click Add to create a new webhook hook:
- Webhook name:
Zenovay events(or anything memorable) - IP restrictions: leave empty unless you're locking down Zenovay's IPs (we don't publish a stable IP list — verify via signature instead)
- JSON pass-through: leave off (Make.com will parse the body automatically)
- Webhook name:
- Click Save and Copy address to clipboard — looks like
https://hook.eu2.make.com/abcdef123456.
2. Add the webhook in Zenovay
- In
app.zenovay.com, go to Settings → Webhooks. - Pick the website that should fire events.
- Click Add webhook.
- Fill in:
- Name:
Make.com — <scenario name>(e.g.Make.com — Sync to Google Sheets) - URL: paste the Make.com webhook address from Step 1
- Events: pick the ones the scenario should react to
- Name:
- Click Create webhook.
- Click Send test event (paper-plane icon).
3. Pick up the sample data in Make.com
- Back in the Make.com webhook module, click Run once at the bottom.
- Make.com listens for the next incoming event. Click Send test event in Zenovay again.
- Make.com captures the payload and shows the available fields. Click Save.
- Add the next module(s) — e.g. Google Sheets → Add a Row — and map fields from the Zenovay payload.
4. Verify Zenovay's signature (recommended)
Make.com does NOT natively verify HMAC signatures. For scenarios where signature integrity matters, add a Tools → Set Variables module with this filter:
// In a "Filter" between the webhook and your action modules
{{contains(headers["x-zenovay-signature"]; "sha256=")}}
For full HMAC verification, you'd need to either:
- Upgrade to a custom-code module (Make.com Premium / Pro plan), or
- Front Make.com with a Cloudflare Worker that verifies and forwards:
import { createHmac } from 'crypto';
export default {
async fetch(req) {
const rawBody = await req.text();
const signature = req.headers.get('x-zenovay-signature') || '';
const provided = signature.replace(/^sha256=/, '');
const expected = createHmac('sha256', YOUR_WEBHOOK_SECRET)
.update(rawBody)
.digest('hex');
if (provided !== expected) return new Response('invalid signature', { status: 401 });
await fetch(MAKE_WEBHOOK_URL, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: rawBody,
});
return new Response('ok');
},
};
Your webhook secret is shown in Settings → Webhooks → click the eye icon on the webhook card.
5. Common scenario recipes
| When this Zenovay event fires… | …Make.com scenario |
|---|---|
goal_completed | Append row to Google Sheets conversions tab |
traffic_spike | Send Microsoft Teams notification to #marketing |
website_down | Open Salesforce case + email customer success |
error_spike | Update Notion DB row with error count + page URL |
Troubleshooting
- Webhook received the data but the scenario didn't execute: the scenario must be active (toggle in the bottom-left corner of the scenario editor).
- Field types are wrong (e.g., a number arrives as text): toggle JSON pass-through OFF on the webhook module so Make.com parses types automatically.
- Operations limit hit: Make.com counts each scenario step as one operation. Free tier = 1,000/month. Filter chatty events (like
traffic_spike) in the Zenovay webhook config to stay under the limit.
Related
Was this page helpful?