Webhooks let you connect Arca to external systems by sending an HTTPS POST request to a URL you control whenever something changes, a task is created, a status changes, a list is updated, and more.
Create a webhook
- Go to Settings → Webhooks.
- Click Create your first webhook or Add new webhook.
- Fill in the form:
- Label: a name to help you identify this webhook.
- Endpoint URL: the URL Arca will POST to. Must use
https.
- Events: select one or more events to subscribe to (see Events below).
- Workspaces: if you own more than one workspace, choose which ones this webhook applies to. All your workspaces are selected by default.
- Auth token: optionally generate a secret token so your server can verify requests come from Arca.
- Click Create webhook.
Before the webhook is saved, Arca sends a POST request to your endpoint with the header X-Arca-Event: ping and this JSON body:
Your server must respond with a 2xx status code within 10 seconds, otherwise the webhook is not created. Make sure your endpoint is publicly accessible and ready to accept POST requests before submitting.
If you enabled the auth token option, the token is shown once immediately after creation. Copy it and store it securely, Arca never shows it again. If you lose it, delete the webhook and create a new one.
Events
Every webhook subscribes to one or more event types. Arca sends a delivery only when a subscribed event occurs in one of the webhook’s selected workspaces.
Task events
Folder events
List events
Payload
Arca sends a JSON payload as the POST body:
Arca includes the following headers with every delivery:
Webhook Payloads
The tabs below show the complete JSON body delivered to your endpoint for each event type.
Task events
task.created
task.deleted
task.status.changed
task.priority.changed
task.assignees.changed
task.due_date.changed
task.start_date.changed
task.labels.changed
Folder events
folder.created
folder.updated
folder.deleted
folder.moved
The top-level workspace and before.workspace reflect the source workspace. after.workspace reflects the destination workspace.
List events
list.created
list.updated
list.deleted
Verifying deliveries
If you configured an auth token, every request from Arca includes:
Compare this value against the token you saved at creation time. Reject requests where it doesn’t match.
The auth token is shown only once, at the moment you create the webhook. Store it immediately in a secure location such as an environment variable or a secrets manager.
Delivery behaviour
- Arca expects your endpoint to respond with a
2xx status code within 10 seconds.
- Deliveries are fire-and-forget, Arca does not retry failed deliveries.
- Each failed delivery increments a failure counter. After 6 consecutive failures, Arca automatically disables the webhook and sends you an email notification.
Re-enabling a disabled webhook
When a webhook is disabled (manually or automatically), a Disabled badge appears on its card in Settings → Webhooks. Toggle the switch to re-enable it. Re-enabling resets the failure counter to zero.
Delete a webhook
Click the delete button on a webhook card in Settings → Webhooks and confirm the prompt. Deletion is immediate and cannot be undone. Any in-flight delivery at the time of deletion will still be attempted.