Webhook trigger: Setting up an API token

Angel Cheung
Angel Cheung
  • Updated

Quick links

What is an API token?

Generate a new API token

Deactivating API tokens

Reactivating API tokens

Deleting an API token


What is an API token?

API Tokens allow other services to secure inbound payloads to Pendula. Pendula flows that use Webhook trigger require payloads to be secured by an active API token.


Generate a new API token

  1. Navigate to Integrations > Setup connection > API token.
  2. You will be prompted to provide a helpful name and description. Then, click Generate.
    02_Screen_Shot_2022-09-07_at_3.55.55_pm.png
  3. Once generated, the API token is shown in two different formats (HTTP header or basic authentication) and either can be used to secure inbound payloads to Pendula.
    Make sure to store the generated API token securely, as this cannot be shown again.
    03Screen_Shot_2022-09-07_at_3.56.34_pm.png
  4. Ensure the credentials are saved securely, check the “I have saved these credentials securely” checkbox, and select Done. Now you can use this API Token to authenticate inbound payloads to the webhook trigger in the Flow builder.

Deactivating API tokens

You can deactivate API tokens that are no longer used, or for which access is no longer authorised, at any time. Once deactivated, services using this API token will no longer be authenticated. 

  1. In Integrations, under Connections, locate the 'Active' API token you wish to deactivate.
  2. Under the Actions column, select Deactivate API token. Follow the prompts to continue.
    Note that API tokens can take up to 60 seconds to be deactivated.

Reactivating API tokens

You can reactivate API tokens that have previously been deactivated (represented by the 'Inactive' status) in order to authenticate services using the API token.

  1. In the Integrations page, locate the 'Inactive' API token you wish to reactivate.
  2. Under the Actions column, select Reactivate API token.
    Note that API tokens can take up to 60 seconds to be reactivated.

Deleting an API token

You can permanently delete 'Inactive' API tokens. Note that this cannot be undone, and services using this API token will no longer be authenticated.

  1. In the Integrations page, locate the API token you wish to delete. Note that an API token must be 'Inactive' to be deleted.
  2. Under the Actions column, select Delete API token. Follow the prompts to continue.