Triggers
Triggers define how and when workflows execute. Configure webhooks for event-driven automation or schedules for recurring tasks.
Trigger types
Section titled “Trigger types”Each workflow can have one or more triggers attached to it.
| Type | Description |
|---|---|
| Webhook | Execute via HTTP POST to a unique URL |
| Schedule | Execute on a cron schedule |
Webhook triggers
Section titled “Webhook triggers”Each webhook trigger generates a unique URL surfaced in the Triggers page. Send an HTTP POST request to this URL to start the workflow; the request body is available to nodes in the workflow as input variables (e.g. {{webhook.payload.*}}).
The URL is a Portal URL, not the backend AI API — every webhook is proxied through Portal, which authenticates and forwards to the workflow engine. External services only ever see Portal URLs.
https://dash.quantcdn.io/webhooks/ai/workflows/{workflowId}Example request (default secret auth mode):
curl -X POST https://dash.quantcdn.io/webhooks/ai/workflows/{workflowId} \ -H "Content-Type: application/json" \ -H "Authorization: Bearer <your-webhook-secret>" \ -d '{"input": "Process this data"}'Replace {workflowId} with your workflow’s unique identifier.
Authentication
Section titled “Authentication”Every webhook trigger has a per-workflow secret (mandatory). Two auth modes are available, picked per-trigger in the workflow editor:
| Mode | How the caller authenticates | When to use |
|---|---|---|
secret (default) |
Authorization: Bearer <secret> or ?token=<secret> |
Internal services, manual curl, any HTTP client |
hmac |
X-Hub-Signature-256: sha256=<HMAC-SHA256(body, secret)> — POST only |
GitHub webhooks and any GitHub-style signed delivery |
A missing, wrong, or (in HMAC mode) tampered request returns 401 and never starts the workflow. The secret is surfaced in the dashboard via Reveal (non-destructive read-back) and cycled via Rotate (destructive). See Webhook secrets for the full reveal-vs-rotate UX and a GitHub configuration walkthrough.
Scheduled triggers
Section titled “Scheduled triggers”Execute workflows on a recurring schedule using cron expressions. Configure the schedule when creating or editing the trigger.
Common cron expressions:
| Expression | Schedule |
|---|---|
0 9 * * 1 |
Every Monday at 9:00 AM |
0 */6 * * * |
Every 6 hours |
0 0 1 * * |
First day of each month at midnight |
*/30 * * * * |
Every 30 minutes |
Managing triggers
Section titled “Managing triggers”View all triggers across all workflows on the Triggers page in the dashboard sidebar. The page has two tabs:
- Webhooks — all webhook triggers with their URLs and parent workflows
- Schedules — all scheduled triggers with their cron expressions
This aggregated view makes it easy to audit and manage triggers across your entire organisation without navigating into each individual workflow.
Enable and disable triggers
Section titled “Enable and disable triggers”Toggle individual triggers on or off without deleting them. Disabled triggers remain configured but will not execute. This is useful for temporarily pausing automations during maintenance or testing.
To toggle a trigger, click the Enable/Disable toggle next to the trigger in the list, or edit the trigger from within its parent workflow.
Deleting triggers
Section titled “Deleting triggers”Remove a trigger from its parent workflow permanently. Deleting a webhook trigger invalidates its URL — any requests sent to that URL will return an error. Deleting a scheduled trigger cancels all future scheduled executions.
Next steps
Section titled “Next steps”- Webhook secrets — reveal vs rotate, HMAC mode, GitHub webhook configuration
- Executions — monitor workflow runs triggered by webhooks and schedules
- Workflow editor — design and configure workflows
