Hunch
Outbound webhooks

Push every signal event directly to your stack.

For teams who want full control over signal delivery. Hunch fires a signed HTTP POST to your endpoint the moment anything happens - no polling, no delays.

Set up your webhook View payload example

How it works

Real-time delivery, every time.

The moment Hunch detects a buying signal, it POSTs a signed JSON payload to the endpoint URL you configure. Every request is authenticated with an HMAC-SHA256 signature so you can verify it genuinely came from Hunch before acting on it.

Use webhooks to push signal data into your CRM, trigger a Slack message from your own bot, enroll leads in an outreach sequence, or feed a custom data warehouse - without depending on our native integrations.

Account name and domain
Signal name and category
AI-generated why-now brief
Confidence score (0 – 1)
Timestamp and run ID
Workspace ID for multi-tenant routing

Signal fires

Buying signal detected on an account. AI brief generated. Confidence score computed.

Signed POST sent

Hunch POSTs JSON to your endpoint, signed with HMAC-SHA256 using your webhook secret.

Your handler runs

Verify the signature, parse the payload, and route the event anywhere in your stack.

Event types

Three events, everything covered.

Subscribe to any combination of event types. Each fires independently so you can route them to different endpoints if needed.

signal.detected

Signal detected

New buying signal found on an active account you are monitoring.

account.suggested

Account suggested

A net-new account matching your ICP was discovered and added to the Suggested tab.

daily.digest

Daily digest

A summary of all signals that fired in the past 24 hours across your workspace.

Payload schema

Predictable, structured JSON.

Every webhook payload follows the same envelope regardless of event type. The top-level event field tells you what happened. The data object carries the full context.

The alphafield is Hunch's confidence score - a value between 0 and 1 representing how strongly the evidence supports the signal. Use it to threshold which events trigger downstream actions.

eventEvent type string (e.g. signal.detected)
workspace_idYour Hunch workspace identifier
timestampISO 8601 UTC time the event was generated
data.accountAccount name and domain
data.signal.nameWhich signal definition matched
data.headlineAI-generated why-now brief
data.alphaConfidence score, 0–1
data.run_idUnique ID for this signal run
signal.detected payload
{
  "event": "signal.detected",
  "workspace_id": "ws_01hwzk3m9bxqrj4p7d",
  "timestamp": "2026-06-30T09:01:43.217Z",
  "data": {
    "account": {
      "name": "Talkdesk, Inc.",
      "domain": "talkdesk.com"
    },
    "signal": {
      "name": "Product Launch"
    },
    "headline": "Talkdesk launched the CXA Operations Center at Enterprise Connect, emphasising AI Agent Observability and Evaluation - a clear signal of scaling investment in AI-assisted CX infrastructure.",
    "alpha": 0.91,
    "run_id": "run_01hwzk3m9bxqrj4p7d"
  }
}
verify.ts
import { createHmac } from "node:crypto";

// Hunch sends these headers with every request:
// X-Signal-Timestamp: <unix ms>
// X-Signal-Signature: <hex digest>

function verifySignal(req, secret) {
  const timestamp = req.headers["x-signal-timestamp"];
  const incoming  = req.headers["x-signal-signature"];
  const body      = req.rawBody; // unparsed string

  const sig = createHmac("sha256", secret)
    .update(timestamp + "." + body)
    .digest("hex");

  if (sig !== incoming) {
    throw new Error("Invalid signature - request rejected.");
  }
}

Security

Verify every request.

Hunch signs every outbound request with HMAC-SHA256. The signature is computed from the request timestamp and the raw body, keyed with your webhook secret - a unique secret generated when you create the webhook.

Always verify the signature before processing a webhook payload. Reject any request that fails verification or where the timestamp is more than 5 minutes old - this protects against replay attacks.

Keep your secret safe

Your webhook secret is shown once at creation time. Store it in an environment variable - never commit it to source control.

Setup

Live in under two minutes.

No SDK required. If your server can receive an HTTP POST, you're ready.

01

Open Settings

Navigate to Settings → Notifications → Outbound Webhook inside your Hunch workspace.

02

Paste your URL

Enter the HTTPS endpoint where Hunch should POST events and select the event types you want.

03

Copy your secret

Hunch generates a signing secret. Store it as an environment variable and use it to verify incoming requests.

Set up your webhook.

Route signal events anywhere in your stack. Takes two minutes to configure, works with any HTTP server.

Get started free
How Hunch works →See pricing →