ReviewNudger API
Last updated: July 5, 2026
The ReviewNudger™ API lets any system that can send an HTTPS request trigger an automatic Google review request: automation platforms like Make.com, Integrately, and n8n, internal tools, or your own code. All endpoints are served from https://www.reviewnudger.com over HTTPS with JSON request bodies. Questions: support@reviewnudger.com.
Every event you send is recorded and visible in your dashboard — including suppressed or failed requests with their reason — so an automation that stops working is never a silent failure.
Authentication: API key
Requests authenticate with your account's webhook API key, a value starting with rndg_ct_. The account owner creates and rotates it in the dashboard under Settings → Connected apps → Direct webhook key; it is shown once at creation, so store it in a secret manager. Send it on every request:
Authorization: Bearer rndg_ct_...
Because the key is verified against the account named in the request body, API-key requests must include accountId (and locationId for multi-location accounts) as documented below. Rotating the key invalidates the previous value immediately.
Platform partners that connect many users — like the ReviewNudger Zapier integration — use OAuth 2.0 instead, which also unlocks the create-contact action and read feeds. That flow is documented at /docs/zapier-api.
POST /webhook/custom — create a review request
Records a completed payment or job and, subject to the location's automation settings, creates and schedules one review request for the customer. Send Content-Type: application/json. With API-key authentication the supported eventType is payment_completed; other event types are acknowledged with HTTP 200 and ignored. (The customer_created contact action is available on the OAuth path.)
Account and location fields
| Field | Type | Required | Description |
|---|---|---|---|
| accountId | string | Yes | Your ReviewNudger account ID (UUID). Shown next to the webhook key in Settings. |
| locationId | string | Single location: no | The business location the review request belongs to. Optional only when the account has exactly one location; required for multi-location accounts. |
Event fields
| Field | Type | Required | Description |
|---|---|---|---|
| eventType | string | Yes | Must be payment_completed. |
| receiptId | string | Yes | Stable unique ID for the source event (for example the payment or order ID). This is the idempotency key: replays with the same receiptId do not create duplicates. |
| occurredAt | string | Yes | ISO-8601 timestamp of when the payment or transaction completed. |
| paymentId | string | Yes | The payment, order, job, or transaction ID from the source system. |
| amount | string or number | Yes | Transaction amount as a non-negative decimal with at most 2 fraction digits, for example 125.50. |
| currency | string | Yes | Three-letter ISO currency code, for example USD. |
| customerEmail | string | One of email/phone | Customer email address. At least one of customerEmail or customerPhone is required. |
| customerPhone | string | One of email/phone | Customer phone number. At least one of customerEmail or customerPhone is required. |
| customerName | string | No | Customer full name. |
| customerFirstName | string | No | Customer first name, if the source system provides it separately. |
| customerLastName | string | No | Customer last name, if the source system provides it separately. |
| metadata | object | No | Optional JSON object with key-value pairs stored for troubleshooting. |
Example
curl -X POST https://www.reviewnudger.com/webhook/custom \
-H "Authorization: Bearer rndg_ct_..." \
-H "Content-Type: application/json" \
-d '{
"accountId": "<your account UUID>",
"eventType": "payment_completed",
"receiptId": "invoice-10394",
"occurredAt": "2026-07-05T14:00:00Z",
"paymentId": "invoice-10394",
"amount": 125.50,
"currency": "USD",
"customerEmail": "customer@example.com",
"customerName": "Jordan Lee"
}'
HTTP/1.1 200 OK
OKIdempotency and retries
receiptIdis the idempotency key, scoped per account. Use a stable ID from the source system (invoice ID, payment ID, booking ID) and reuse it on every retry of the same event.- Replaying a request that was already processed returns HTTP 200 without creating anything new. One event creates at most one review request, enforced by a unique constraint on the normalized event.
- After an HTTP 500, retry with the same
receiptId: the retry resumes processing of the original event and cannot double-send. - Your per-location send delay, cooldown, and opt-out settings apply to every request, no matter which system sent the event.
Errors
The webhook endpoint returns plain-text error bodies. Responses include an X-RN-Auth-Method header identifying how the request was authenticated.
| Status | Meaning |
|---|---|
| HTTP 400 | Validation failure. The plain-text body names the field, for example "occurredAt must be a valid ISO-8601 timestamp." Do not retry without fixing the payload. |
| HTTP 401 | Missing or invalid API key, or the key does not belong to the accountId in the body. Check the key and accountId in Settings. |
| HTTP 500 | Processing failure on our side. Safe to retry with the same receiptId; the replay collapses onto the original event. |
Platform guides
- Connect via Make.com — step-by-step scenario setup with the HTTP module.
- Connect via Integrately — one-click automations built on this API.
- All integrations — native connections and the via-Zapier directory.