Skip to main content

Sync Consent to Your CRM via Webhooks

Keep your CRM's email marketing opt-ins in sync with ConsentForge consent decisions automatically.

Architecture

User accepts/rejects marketing → ConsentForge webhook → Your backend → CRM API

Step 1: Create a webhook endpoint

Set up an endpoint on your backend that handles the ConsentForge payload:

// Express example
app.post('/webhooks/consentforge', express.raw({ type: '*/*' }), async (req, res) => {
  // 1. Verify signature
  const valid = verifyConsentForgeWebhook(
    req.body.toString(),
    req.headers['x-consentforge-signature'],
    req.headers['x-consentforge-timestamp'],
    process.env.CONSENTFORGE_WEBHOOK_SECRET
  );
  if (!valid) return res.status(401).send('Unauthorized');

  // 2. Parse payload
  const payload = JSON.parse(req.body);

  // 3. Only handle marketing consent events
  if (['consent.created', 'consent.updated'].includes(payload.event)) {
    const hasMarketingConsent = payload.data.choices.marketing === true;

    // 4. Update CRM
    await updateCRMContact({
      ip_hash: payload.data.ip_hash,
      marketing_opt_in: hasMarketingConsent,
      consent_timestamp: payload.timestamp,
      receipt_id: payload.data.receipt_id,
    });
  }

  res.json({ received: true });
});

Step 2: Register the webhook in ConsentForge

Property → Webhooks → Add Endpoint

  • URL: https://yourapp.com/webhooks/consentforge
  • Events: consent.created, consent.updated
  • Copy the webhook secret

Step 3: Map CRM contact

Since ConsentForge stores hashed identifiers (not emails), you need a way to link the receipt to a CRM contact. Options:

  1. Logged-in users: Store the ConsentForge receipt ID on the user record at login
  2. Email forms: After a form submission, call ConsentForge.getReceiptId() and store it alongside the email

See also: Webhooks · Webhook Security