CRM Integrations
Elmob sends your leads to any CRM via webhook. Click the logo, paste one URL, done. Every connected CRM receives the same canonical event format, so your automations work everywhere.
How it works
- Open the client in Elmob platform, go to Integrations.
- Click "+ Add Integration" and pick your CRM.
- Paste the webhook URL from your CRM. Save.
- Click "Test" to send a synthetic lead and verify delivery.
From that point on, every new lead captured by Elmob (website forms, Facebook lead ads, manual entry, AI assistant) is delivered to your CRM in real time. Failed deliveries retry with exponential backoff up to 24 hours.
Workzen
- In Workzen, go to Settings, Integrations, Webhooks, New Webhook.
- Copy the URL Workzen gives you (or use a Workzen-supplied inbound URL).
- Paste in Elmob and save.
Workiz
- Workiz, Settings, API, Webhooks.
- Create a new inbound webhook and copy the URL.
- Paste in Elmob.
Housecall Pro
- Open Developer settings, Webhooks.
- Create a new webhook subscription and copy the URL.
- Paste in Elmob.
Jobber
- Developer center, Webhooks.
- Create a new webhook and copy the URL.
- Paste in Elmob.
Zapier
- Create a new Zap.
- Trigger: "Webhooks by Zapier", "Catch Hook". Copy the catch URL.
- Paste in Elmob. Add any Zapier action you want downstream.
Custom CRM
Any URL that accepts POST JSON works. Elmob signs each delivery with HMAC SHA-256 in the X-Elmob-Signature header if you provide a signing secret.
Verifying the signature (outbound)
The signature is hex(hmac_sha256(secret, raw_request_body)). Compare constant-time against the X-Elmob-Signature header.
// Node.js example
const crypto = require('crypto');
const expected = crypto.createHmac('sha256', SECRET).update(rawBody).digest('hex');
const received = req.header('X-Elmob-Signature');
if (!crypto.timingSafeEqual(Buffer.from(expected), Buffer.from(received))) {
return res.status(401).send('bad signature');
} Inbound webhooks (Workzen)
Inbound deliveries into Elmob (for example from Workzen) must include an X-Workzen-Signature header computed with the client API key as the HMAC SHA-256 secret over the raw request body. Unsigned or mismatched requests are rejected with 401. Key rotation is supported with a short grace period on the previous key.
Canonical event types
lead.created,lead.updated,lead.converted,lead.lostjob.scheduled,job.dispatched,job.started,job.completed,job.canceledinvoice.sent,invoice.paidcustomer.created,customer.updatedreview.requested,review.received
Payload shape
{
"id": "evt_...",
"client_id": "...",
"type": "lead.created",
"occurred_at": "2026-04-13T12:34:56.000Z",
"data": {
"lead": {
"id": "...",
"name": "...",
"phone": "...",
"email": "...",
"address": "...",
"service_type": "...",
"source": "...",
"notes": "..."
}
}
} Zapier and Workiz receive a flattened version where lead fields are at the top level for easier mapping.
Reliability
Every event is queued in an outbox table and dispatched via Cloudflare Queues. Failures retry at 1m, 5m, 30m, 2h, 12h, 24h before going to DLQ. You see a per-destination success and failure counter, last status, and last error directly in the Elmob platform.