# Webhook Set Up

When Dapta sends data to your servers — for example, after a voice call ends, when a Flow Studio workflow triggers, or when Sales Intelligence processes a meeting — it sends an HTTP **POST** request (a webhook) from one of Dapta's public IP addresses.

If your company uses a **firewall, WAF (Web Application Firewall), or IP allowlist**, you need to tell your security system to trust these addresses. Otherwise, your firewall will block the requests and your integrations will silently fail — calls won't log, data won't sync, and automations won't trigger.

***

## Why this matters

Most companies protect their servers by only accepting requests from known, trusted IP addresses. This is called **IP allowlisting** (sometimes referred to as "whitelisting").

If Dapta's IPs are not on your allowlist:

* **Webhook deliveries will fail** — your server will reject the incoming request with a 403 or timeout error.
* **Integrations will break** — CRM updates, Slack notifications, Google Sheets syncs, and any other automations that rely on webhooks will stop working.
* **You won't get an obvious error** — most firewalls silently drop blocked requests, so the issue can be hard to diagnose.

{% hint style="danger" %}
If your integrations suddenly stop receiving data from Dapta, the most common cause is a missing IP in your firewall's allowlist. Check this first before troubleshooting anything else.
{% endhint %}

***

## Dapta's public IP addresses

Add **all three** of the following IP addresses to your firewall or WAF allowlist:

| IP Address     | Status                        |
| -------------- | ----------------------------- |
| `3.135.117.63` | **New** — added February 2026 |
| `3.143.158.83` | Active                        |
| `3.14.139.223` | Active                        |

{% hint style="warning" %}
You must allowlist **all three IPs**. Dapta may send requests from any of them depending on server load and infrastructure routing. Missing even one can cause intermittent failures that are difficult to debug.
{% endhint %}

***

## How to add these IPs to your firewall

The exact steps depend on your firewall or hosting provider. Below is the general process, followed by provider-specific guidance.

**Step 1:** Log in to your firewall, WAF, or hosting provider's dashboard.

***

**Step 2:** Navigate to the **IP Allowlist**, **Access Control**, or **Firewall Rules** section. This is usually found under Security or Networking settings.

***

**Step 3:** Add each of the three IP addresses listed above as **allowed inbound IPs**. Make sure to allow traffic on **port 443 (HTTPS)**.

***

**Step 4:** Save your changes and verify by triggering a test webhook from Dapta (for example, by running a manual campaign call or triggering a Flow Studio workflow).

***

### Common firewall providers

| Provider               | Where to find the setting                                         |
| ---------------------- | ----------------------------------------------------------------- |
| **AWS WAF**            | WAF & Shield → Web ACLs → Select ACL → Rules → Add IP Set         |
| **Cloudflare**         | Security → WAF → Tools → IP Access Rules                          |
| **Google Cloud Armor** | Network Security → Cloud Armor → Policies → Add Rule              |
| **Azure Front Door**   | WAF policy → Managed rules → Custom rules → IP allow              |
| **Nginx**              | Add `allow 3.135.117.63;` directives to your server block         |
| **Apache**             | Add `Require ip 3.135.117.63` to your `.htaccess` or vhost config |

> **💡 Tip:** If you are unsure which firewall your company uses, ask your IT or DevOps team. Share this page with them — they will know exactly what to do.

***

## What Dapta sends via webhooks

When a webhook fires, Dapta sends a **POST request** to the URL you configured. Common triggers include:

* **Voice Agents** — call completed, voicemail detected, or call transferred.
* **Flow Studio** — a workflow step triggers an outbound HTTP request.
* **Sales Intelligence** — a meeting recording is processed and analyzed.
* **Campaigns** — contact call results are sent to an external system.

The request payload contains structured JSON data specific to the trigger type (call transcript, contact details, analysis results, etc.).

***

## Troubleshooting

| Problem                                    | Solution                                                                                                             |
| ------------------------------------------ | -------------------------------------------------------------------------------------------------------------------- |
| Webhooks were working but suddenly stopped | A new Dapta IP may have been added. Check that all three IPs listed above are in your allowlist.                     |
| Webhooks work intermittently               | You may be missing one of the three IPs. Dapta load-balances across all of them.                                     |
| Getting 403 Forbidden errors               | Your firewall is blocking the request. Add Dapta's IPs to your allowlist.                                            |
| Getting timeout errors                     | Check that port 443 (HTTPS) is open for the listed IPs.                                                              |
| Not sure if my firewall is blocking        | Ask your IT team to check firewall logs for blocked requests from `3.135.117.63`, `3.143.158.83`, or `3.14.139.223`. |

{% hint style="info" %}
If you continue to experience issues after allowlisting all three IPs, contact Dapta support. The problem may be on the application side rather than the network.
{% endhint %}