Skip to main content
If your organization has webhooks configured, the platform will send an HTTP POST request to the URL you provided whenever certain events occur (consultation created, expired, completed, or participant joined/left the video call). This lets your system stay in sync in real time without polling the API.

Your requirements

  • Public HTTPS URL that accepts POST and responds in under 30 seconds.
  • Know the webhook secret configured with Kairo Connect; it is used only to verify the signature of each request and ensure the content is authentic.

Headers we send

HeaderDescription
Content-Typeapplication/json
X-Telehealth-SignatureHMAC-SHA256 signature of the raw body of the request, in lowercase hexadecimal. You must verify this signature with your secret before trusting the content.
X-Telehealth-EventEvent name (e.g. consultation.created, session_started).
X-Telehealth-DeliveryUnique delivery ID (useful for idempotency and logging).
User-AgentTelehealth-Webhooks/1.0

Response your URL must return

  • 200 OK (or other 2xx) when you accept or process the event successfully.
  • 401 Unauthorized if the signature is invalid.
  • If you respond with an error or do not respond in time, the platform may retry. Idempotent processing is recommended (e.g. using X-Telehealth-Delivery to detect duplicates).
See Events, Signature validation, and Verification by language.