POST to /v1/webhooks with a JSON body specifying subscription_url (your HTTPS endpoint), event_action (e.g., updated, added, deleted, all), and event_object (e.g., deal, person, organization, all)
The response returns the webhook id — store it to manage or delete the webhook later
Pipedrive sends HTTP POST requests to your subscription_url when matching events occur; respond with HTTP 200 within the timeout window to acknowledge
List existing webhooks with GET /v1/webhooks; delete one with DELETE /v1/webhooks/{id}
Each webhook payload contains a meta block with the event and action, and a current block with the updated object state
Known gotchas
Webhook delivery is not guaranteed exactly-once — your endpoint must be idempotent; Pipedrive may retry on non-200 responses
The subscription_url must be publicly reachable over HTTPS with a valid certificate; HTTP or self-signed certificates are rejected
Pipedrive webhooks do not include a cryptographic signature by default — validate events using IP allowlisting or by re-fetching the record from the API
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp