> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cotool.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Webhook trigger

> Invoke an agent trigger via incoming webhook. External services post to this endpoint.



## OpenAPI

````yaml https://app.cotool.ai/api/docs/openapi.json post /api/trigger/{source}/{triggerId}
openapi: 3.1.0
info:
  title: Cotool API
  version: 1.0.0
  description: >-
    # Cotool API Documentation


    The Cotool API allows you to interact with the Cotool platform
    programmatically, enabling you to build powerful integrations and automate
    your workflows.


    ## Getting an API Key


    Follow these steps to generate your API key:


    1. **Log in** to the Cotool web interface

    2. **Navigate** to `/settings/api-keys`

    3. **Click** "Generate Key"

    4. **Copy and store** your API key securely ⚠️ *It won't be shown again*


    ## API Key Authentication


    For programmatic access and integrations, use your API key with the
    Authorization header:


    ```http

    Authorization: Bearer your_api_key_here

    ```


    ```bash

    curl -X GET "https://app.cotool.ai/api/endpoint" \
      -H "Authorization: Bearer your_api_key_here" \
      -H "Content-Type: application/json"
    ```
servers:
  - url: https://app.cotool.ai
    description: Production server
security:
  - ApiKeyAuth: []
paths:
  /api/trigger/{source}/{triggerId}:
    post:
      tags:
        - Agent Triggers
      summary: Webhook trigger
      description: >-
        Invoke an agent trigger via incoming webhook. External services post to
        this endpoint.
      parameters:
        - in: path
          name: source
          description: >-
            Source system sending the webhook (jira, jira-automation, slack,
            linear, webhook, bugcrowd, or hackerone)
          schema:
            type: string
            enum:
              - jira
              - jira-automation
              - slack
              - linear
              - webhook
              - bugcrowd
              - hackerone
            description: >-
              Source system sending the webhook (jira, jira-automation, slack,
              linear, webhook, bugcrowd, or hackerone)
          required: true
        - in: path
          name: triggerId
          description: Unique identifier of the trigger to invoke
          schema:
            type: string
            format: uuid
            description: Unique identifier of the trigger to invoke
          required: true
      requestBody:
        content:
          application/json:
            schema:
              description: >-
                Body of the webhook request. This can be any value, and it will
                be passed as input to the agent.
      responses:
        '200':
          description: Successful response
          content:
            application/json:
              schema:
                anyOf:
                  - type: object
                    properties:
                      executionId:
                        type: string
                        description: Unique identifier for the agent execution
                    required:
                      - executionId
                    description: >-
                      Response from webhook trigger containing execution ID. Use
                      this to retrieve the execution status of the agent.
                  - type: object
                    properties:
                      executionId:
                        type: string
                        const: skipped
                        description: Indicates the webhook was skipped
                      message:
                        type: string
                        description: Reason why the webhook was skipped
                      action:
                        type: string
                        description: The action that caused the webhook to be skipped
                    required:
                      - executionId
                      - message
                      - action
                    description: >-
                      Response from webhook trigger containing execution ID,
                      skip message, or error message
                  - type: object
                    properties:
                      error:
                        type: string
                        description: Error message if webhook processing failed
                    required:
                      - error
                    description: Response from webhook trigger containing error message
                description: >-
                  Response from webhook trigger containing execution ID, skip
                  message, or error message
        '400':
          description: Bad request — input validation failed or the request was malformed
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
        '500':
          description: Internal server error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
      x-codeSamples:
        - lang: shell
          label: cURL
          source: >-
            curl -X POST "https://app.cotool.ai/api/trigger/:source/:triggerId"
            \
              -H "Authorization: Bearer YOUR_API_KEY" \
              -H "Content-Type: application/json" \
              -d '{"example":"any_value","note":"This field can contain any type of data"}'
components:
  schemas:
    ValidationError:
      type: object
      properties:
        error:
          type: string
          description: Error message describing what went wrong
        issues:
          type: array
          description: >-
            Detailed validation issues, present when request or response schema
            validation fails
          items:
            type: object
            additionalProperties: true
      required:
        - error
    Error:
      type: object
      properties:
        error:
          type: string
          description: Error message describing what went wrong
      required:
        - error
  securitySchemes:
    ApiKeyAuth:
      type: http
      scheme: bearer
      bearerFormat: API Key
      description: >-
        API Key authentication for programmatic access. Include your API key in
        the Authorization header as: `Bearer your_api_key_here`

````