Note: the API key and hooks are associated with a specific website. If you have multiple websites configured in Wisepops, you'll need to use the correct key and create distinct hooks for each of these websites.

When sign-up forms and surveys are collected, we can send an HTTP POST payload to a hook's URL. You can manage your hooks through the Wisepops interface, or by using the /api2/hooks endpoint.

Advantages of the hooks

When your goal is to receive the new forms Wisepops collects, we strongly suggest you to use the hooks here instead of periodically calling our API:

  • You won't have to play with the collected_after parameter. By design, you will only receive newly collected forms,

  • You will receive them much faster, we will take care of posting the collected forms to the target as soon as our system has them ready,

  • Hooks are not API rate limited.

Managing your hooks through the Wisepops interface

You can manage your hooks from the Email API settings.

Creating a hook

Let's say we want to receive the emails associated with our "Welcome UK" pop-up. We can configure a hook to post emails to

Here, we assume that we own the domain, and that /hook is a URL ready to receive the Wisepops payload. You can find here the example of a script receiving such payload.

The event (Email or Survey) let you choose which type of forms you want to receive.

Managing your hooks through the Wisepops API

You might want to manage your hooks through our API if you want to automate hooks creation and deletion.

Creating a hook

Create a hook by issuing a POST request to the /api2/hooks endpoint. Parameters should be JSON encoded, and you must add the header
Content-Type: application/json.

The parameters are:

  • event (required) - The event that triggers your hook. Allowed values are email, phone and survey. Respectively for sign-up blocks, phone blocks and survey blocks.

  • target_url (required) - The URL that will receive collected forms.

  • wisepop_id - If you want the hook to transmit forms only from a specific pop-up.

The following request will create a new hook that will transmit all collected emails to

curl -H 'Authorization: WISEPOPS-API key="YOUR_API_KEY_HERE"' -H 'Content-Type: application/json' -d '{"event":"email","target_url":""}' ''

The response will contain the id of the created hook:

  "id": 42

Deleting a hook

To delete a hook, perform a DELETE request.
There is only one required parameter: hook_id . It is the id received when creating the hook.

This is the request to delete the hook #42:

curl -H 'Authorization: WISEPOPS-API key="YOUR_API_KEY_HERE"'

The Payload

The posted payload is similar to the response body of the /api2/contacts endpoint. Keep in mind that multiple forms can be sent in the same payload.

"collected_at": "2019-10-10T10:10:58.389Z",
"wisepop_id": 12345,
"ip": "",
"country_code": "US",
"fields": {
"email": "",
"Gender": "male",
"City": "New York"
"collected_at": "2019-10-10T10:10:59.010Z",
"wisepop_id": 12345,
"ip": "",
"country_code": "US",
"fields": {
"email": "",
"Gender": "female",
"City": "Seattle"

Additionally, the HTTP header X-Wisepops-Signature will be set. It will contain the HMAC hex digest of the payload, using your API key as a cryptographic key. This lets you verify that Wisepops is the emitter of the query.

This is an example of a PHP script, behind Apache or Nginx, that receives a payload:


$apiKey = 'YOUR_API_KEY_HERE';
$payload = file_get_contents('php://input');
$signature = hash_hmac('sha256', $payload, $apiKey);

!hash_equals($signature, $_SERVER['HTTP_X_WISEPOPS_SIGNATURE']) {
    throw new Exception('Signature verification failed');

$emails = json_decode($payload);

Our requests origin IP is, you can whitelist it if you need to configure a firewall. You can subscribe to this list to get notified if we need to add new IPs. 

Did this answer your question?