Server-side ingestion

Ingestion & webhooks

Send events from a server or headless stack, and receive signed webhooks. These endpoints authenticate with your public site_id (the same identifier the browser tag ships) — they are the trust boundary for client-originated data, so they are rate-limited and bound-checked.

When to use thisMost sites just install the browser tag, which calls these endpoints for you. Reach for the raw endpoints for headless/SSR flows, mobile apps, or server-side conversions you can't fire from the browser.

Identify

Attach a known identity to a session server-side.

POST/api/identify
ParameterTypeDescription
session_id
required
stringThe visitor session to attach the identity to.
site_id
required
stringYour public site identifier.
traits
required
objectAt least one trait (email, external_id, or any custom attribute). Values are strings.
curl
curl -sS https://axoapp.ai/api/identify \
  -H "Content-Type: application/json" \
  -d '{
    "session_id": "sess_456uvw",
    "site_id": "YOUR_SITE_ID",
    "traits": { "email": "customer@example.com", "plan": "pro" }
  }'

Convert

Record a conversion and fan it out to configured ad platforms (Meta / Google CAPI).

POST/api/convert
ParameterTypeDescription
session_id
required
stringThe converting session.
site_id
required
stringYour public site identifier.
revenue
required
number | nullConversion revenue, 0–10,000,000. Null records a non-revenue conversion.
line_items
optional
LineItem[]Up to 100 items ({ sku, qty, price }); powers CAPI content_ids and the co-purchase recommender.
curl
curl -sS https://axoapp.ai/api/convert \
  -H "Content-Type: application/json" \
  -d '{
    "session_id": "sess_456uvw",
    "site_id": "YOUR_SITE_ID",
    "revenue": 149.00,
    "line_items": [{ "sku": "SKU-1", "qty": 2, "price": 24.0 }]
  }'

Lead capture

Identify the profile and (optionally) kick off follow-up. Feeds the Leads pipeline.

POST/api/lead/capture
curl
curl -sS https://axoapp.ai/api/lead/capture \
  -H "Content-Type: application/json" \
  -d '{
    "site_id": "YOUR_SITE_ID",
    "visitor_id": "vis_789xyz",
    "email": "lead@example.com",
    "name": "Jordan Lee",
    "appointment_slot": "2026-07-20T15:00:00Z"
  }'

Webhooks

Configure a webhook destination in Admin → Integrations to receive real-time events. Every payload is HMAC-SHA256 signed — verify the X-AXO-Signature header against your shared secret before trusting the body.

Supported events
Event typeTypeDescription
profile.identified
optional
eventFired when an anonymous session is linked to a known identity.
segment.changed
optional
eventFired when a profile's primary segment changes.
conversion
optional
eventFired on a recorded conversion, with revenue and line items.
// POST to your endpoint
// Header: X-AXO-Signature: sha256=<hmac>
{
  "event": "profile.identified",
  "site_id": "site_abc123",
  "visitor_id": "vis_789xyz",
  "session_id": "sess_456uvw",
  "profile": { "email": "customer@example.com", "external_id": "usr_12345" },
  "segment": "deliberator",
  "timestamp": "2026-07-14T14:32:01Z"
}