Does SocialScalr have a public REST API?

Yes. The public REST API is included on all paid plans (Starter and above). Authentication is via a per-user API token rotatable from Settings. Endpoints cover campaigns, leads, posts, sequences, and Watchtower entities. Rate limit is 600 requests per minute per workspace.

How do SocialScalr webhooks work?

Configure destination URLs in Settings → Webhooks. Pick which event types to forward (lead.connected, lead.replied, campaign.completed, post.published, watchtower.alert). Each delivery is an HTTPS POST with the event JSON in the body and an HMAC-SHA256 signature in the X-SocialScalr-Signature header. Failed deliveries retry with exponential backoff for 24 hours.

What can I integrate SocialScalr with?

Anything that accepts HTTPS POSTs. Documented recipes ship for Zapier, Make (Integromat), n8n, Slack, Discord, HubSpot, Salesforce, and Pipedrive. Custom integrations to internal CRMs or data warehouses work through the same webhook layer plus a small bridge function in Make/n8n or a dedicated receiver.

Features › API + webhooks

API + webhooks - REST endpoints and HMAC-signed outbound events

Most LinkedIn outreach tools treat integration as an afterthought - "we're available on Zapier" is the typical promise. SocialScalr ships a real public REST API and HMAC-signed outbound webhooks on every paid plan. The same surface internal SocialScalr code uses is the one external integrations get.

The REST API

Base URL: https://socialscalr.com/api/v1/. Authentication: Authorization: Bearer YOUR_API_TOKEN header. Token rotation: Settings → API tokens. Rate limit: 600 requests/minute per workspace.

Endpoints (highlights)

GET /campaigns - list campaigns, paginated.
POST /campaigns - create a campaign with targeting source + sequence steps.
GET /campaigns/:id/leads - leads scoped to a campaign with stage + activity metadata.
GET /leads - workspace-wide list with rich query filters (stage, tag, owner, last_activity_at, etc).
POST /leads - manually add a lead (with LinkedIn URL or contact data).
PATCH /leads/:id - update stage, owner, tags, custom fields, notes.
GET /posts - scheduled and published posts.
POST /posts - schedule a new post.
GET /watchtower/signals - recent Watchtower signals (Pro+).
POST /webhooks - register a new outbound webhook endpoint.

Full reference at /help/api with example payloads.

Example: pull replied leads from the last 24 hours

# Curl
curl -H "Authorization: Bearer YOUR_API_TOKEN" \
  "https://socialscalr.com/api/v1/leads?stage=replied&since=24h"

# Returns paginated JSON of leads with full activity, notes, message history.

Outbound webhooks

Webhooks fire when an event happens in your workspace. Configure in Settings → Webhooks. Each endpoint subscribes to a list of event types and receives signed HTTPS POSTs.

Supported event types

lead.connected - invite accepted.
lead.replied - inbound message from the lead.
lead.opened - lead engaged with one of your posts.
campaign.completed - campaign reached its end date or its target leads count.
post.published - scheduled post hit LinkedIn.
post.failed - scheduled post failed to publish (browser closed, LinkedIn rejected, etc).
watchtower.alert - Watchtower signal detected (Pro+).
subscription.created, subscription.cancelled - workspace billing changes (Agency).
team.member_added, team.member_removed - workspace user changes.

Payload shape (every event uses the same envelope)

// POST {your_endpoint}
// X-SocialScalr-Signature: sha256=<hmac-of-body>
// X-SocialScalr-Delivery-Id: del_01HEX...
// Content-Type: application/json
{
  "event": "lead.replied",
  "id": "evt_01HEXBC...",
  "workspace_id": "ws_8a2...",
  "created_at": "2026-05-24T15:32:11Z",
  "data": {
    "lead": { "id": "ld_...", "name": "Sarah Chen", ... },
    "message": { "direction": "inbound", "text": "Sure - send a link." }
  }
}

Signature verification

Every delivery includes an X-SocialScalr-Signature header of the form sha256=<hex>. Verify by computing HMAC-SHA256 of the raw request body using your webhook secret (shown once at endpoint creation time):

// Node.js
const crypto = require('crypto');
const sig = req.headers['x-socialscalr-signature'];
const expected = 'sha256=' + crypto.createHmac('sha256', secret)
  .update(req.rawBody).digest('hex');
if (sig !== expected) return res.status(401).send('bad sig');

Delivery reliability

Retries: failed deliveries retry with exponential backoff for 24 hours (1m, 5m, 30m, 2h, 6h, 24h).
Timeout: SocialScalr times out a delivery at 8 seconds. If your receiver is slow, use a queue.
Replay protection: the X-SocialScalr-Delivery-Id header is unique per attempt; store seen IDs to dedupe retries.
Delivery viewer: Settings → Webhooks → "Recent deliveries" shows the last 100 deliveries per endpoint with payload, response code, and retry timestamps.

Rate limits on outbound webhooks

SocialScalr caps outbound webhook delivery at 100 events/minute per workspace. Bursts above that queue and drain at the cap rate. For most workspaces this is invisible; agencies running 8+ active accounts can hit it at peak times.

Integration recipes (with payload + receiver setup)

Zapier - Webhooks by Zapier → Catch Hook → any of 6,000+ apps.
Make - Custom webhook → branching scenario with rich error handling.
n8n - Webhook node + Function node for signature verification, then branch.
Slack - direct Incoming Webhook URL, SocialScalr auto-formats to Slack blocks.
HubSpot - via Make: search contact by LinkedIn URL → create/update → attach note.
Salesforce - Zapier or direct Apex REST endpoint (sample class included).
Pipedrive - via Make: search person → create person if missing → create activity.
Discord - direct Incoming Webhook, SocialScalr auto-formats to Discord embed.

Full recipes with copy-paste receiver code at /integrations/.

What the API + webhooks are good for

Pushing every replied lead into your CRM as a Note + Task on the contact.
Slack notifications when a high-value account replies.
Triggering a downstream email sequence in Lemlist or Smartlead when a LinkedIn lead doesn't reply within X days.
Building a custom data warehouse view of all outbound activity for analytics.
Auto-tagging leads in HubSpot based on which SocialScalr campaign they came from.
Sending a webhook to your own internal "deal desk" tool when an enterprise account responds.

Plan availability

Free: Not included.
Starter ($29/mo): Full API + outbound webhooks, 100 req/min, 25 events/min.
Pro ($49/mo): 600 req/min, 100 events/min, audit log of API calls.
Agency ($149/mo for 10 seats): Per-seat tokens, workspace-level admin override token.

Integrations recipes - copy-paste setups for the 8 most common destinations.
REST API reference - full endpoint documentation.
Security and trust - how webhook secrets are stored and rotated.

← Content scheduler All features →