For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
SupportStatusTry now
DocumentationAPI Reference
DocumentationAPI Reference
    • API Overview
  • API Guides
    • Authentication
    • Concurrency & Rate Limits
    • Batch Processing
    • Webhooks
  • Generate API
    • POSTCreate Generation
    • POSTCreate Generation with Files
    • GETGet Generation
    • GETList Generations
    • POSTEstimate Cost
  • Batch API
    • POSTCreate Batch
    • GETGet Batch
    • GETList Batches
  • Assets API
    • GETList Assets
    • GETGet Asset
  • Models API
    • GETList Models
  • Webhooks Payload Reference
LogoLogo
SupportStatusTry now
On this page
  • How do I set up webhooks?
  • Error Handling in Webhooks
  • Verify webhook signatures
  • Related Resources
  • Frequently Asked Questions
API Guides

Webhooks

Was this page helpful?
Edit this page

Last updated May 15, 2026

Previous

Create Generation

Next
Built with

Sync Labs webhooks deliver real-time HTTP POST notifications when your lip sync generation jobs complete or fail. Use webhooks instead of polling to build efficient, event-driven workflows that respond to generation status changes without repeated API calls.

How do I set up webhooks?

To utilize webhooks:

  1. Specify a webhookUrl parameter when calling an API endpoints that support it.
  2. Ensure your webhook endpoint can receive and handle HTTP POST requests and can consume the Webhook Payload for status updates.

For security purposes, your webhook URL must be configured to accept and process HTTPS POST requests.

By leveraging webhooks, you can streamline your workflow with non-blocking calls, allowing you to focus on other tasks while receiving job completion notifications.

Error Handling in Webhooks

When a generation fails, the webhook payload will include error information in two fields:

  • error: A human-readable error message describing what went wrong
  • error_code: A specific error code that can be used for programmatic error handling (see the Error Handling guide for a complete list of error codes)

This improved error structure allows you to both display meaningful messages to users and implement specific error handling logic based on the error codes.

Verify webhook signatures

To ensure webhook requests are coming from Sync Labs, we sign each webhook request with a signature. The signature is included in the Sync-Signature header.

To verify signatures, use your signing secret.

The signature is made out of 2 components:

  • Timestamp (at the time of sending the event)
  • Signature hash (timestamp and the JSON payload)
1const express = require("express");
2const { createHmac, timingSafeEqual } = require("crypto");
3
4const app = express();
5
6const WEBHOOK_SECRET = "whsec_";
7
8app.use(express.json());
9
10const verifySignature = (payload, signature, secret) => {
11  try {
12    if (!signature) {
13      return false;
14    }
15    const [, timestamp, receivedSignature] =
16      signature.match(/t=(\d+),v1=(.+)/) ?? [];
17    if (!timestamp || !receivedSignature) {
18      return false;
19    }
20
21    const expectedSignature = createHmac("sha256", secret)
22      .update(`${timestamp}.${JSON.stringify(payload)}`)
23      .digest("hex");
24
25    // Timing-safe comparison to prevent timing attacks
26    return timingSafeEqual(
27      Buffer.from(receivedSignature),
28      Buffer.from(expectedSignature)
29    );
30  } catch (error) {
31    return false;
32  }
33};
34
35app.post("/webhook", (req, res) => {
36  const signature = req.headers["sync-signature"];
37
38  if (!verifySignature(req.body, signature, WEBHOOK_SECRET)) {
39    return res.status(400).json({
40      message: "Invalid signature",
41    });
42  }
43
44  return res.status(200).json({
45    message: "Webhook signature verified",
46  });
47});
48
49app.listen(8080, () => {});

Related Resources

  • Batch Processing — use webhooks with batch processing for high-volume workflows
  • Rate Limits — understand API rate limiting and how it affects webhook delivery

Frequently Asked Questions

How do I test webhooks locally?

Use a tunneling tool like ngrok to expose your local server to the internet. Start your webhook endpoint locally, then run ngrok to get a public HTTPS URL. Pass that URL as the webhookUrl when creating a generation. Sync Labs will send POST requests to your local server through the tunnel.

What if my endpoint is down?

If your webhook endpoint is unreachable when Sync Labs attempts delivery, the notification may be lost. There is no automatic retry for failed webhook deliveries. As a safety net, you can poll the generation status endpoint to check for completed or failed jobs that your webhook may have missed.

How do I verify webhook signatures?

Each webhook request includes a Sync-Signature header containing a timestamp and HMAC-SHA256 hash. Use your signing secret from the webhooks settings page to compute the expected signature and compare it using a timing-safe comparison function to prevent timing attacks. See the code examples above.