API & integrations
Push leads into Revenue Recall from anywhere, sync your pipeline back out, embed a capture form on any site, and receive signed events in real time. Every captured lead is immediately worked by the autonomous engine. Manage your key, form, and webhook in Settings → Developer.
Authentication
All API requests authenticate with your workspace key (generate it in Settings → Developer). Send it as a bearer token or an x-api-key header. Keys look like rr_live_… — keep them server-side.
Authorization: Bearer rr_live_xxxxxxxxxxxxxxxx # or x-api-key: rr_live_xxxxxxxxxxxxxxxx
Base URL: https://www.recall-touch.com
Create a lead
POST /api/v1/leads — creates a contact and an open deal. Requires name and either email or phone. Optional: company, title, value, source, notes, dealTitle, sequenceId.
curl -X POST https://www.recall-touch.com/api/v1/leads \
-H "Authorization: Bearer rr_live_xxxxxxxxxxxxxxxx" \
-H "Content-Type: application/json" \
-d '{
"name": "Jane Doe",
"email": "jane@acme.com",
"company": "Acme",
"value": 5000,
"source": "website"
}'
# 201 Created
{ "ok": true, "contactId": "c_…", "dealId": "o_…", "enrolled": false }Need a contact without a deal? POST /api/v1/contacts (same fields, no deal created) and PATCH /api/v1/contacts/:id to update one.
List leads & deals
GET /api/v1/leads, GET /api/v1/deals, and GET /api/v1/contacts — return your records in a stable shape. All accept ?limit= (default 50, max 200).
curl https://www.recall-touch.com/api/v1/deals?limit=50 \
-H "Authorization: Bearer rr_live_xxxxxxxxxxxxxxxx"
# 200 OK
{ "data": [ { "id": "o_…", "title": "Acme — Jane Doe", "value": 5000,
"currency": "USD", "stage": "New", "contactId": "c_…" } ], "count": 1, "total": 1 }Create a deal for an existing contact with POST /api/v1/deals (contactId required; optional title, value, stageId). Update one with PATCH /api/v1/deals/:id — move its stage with stageId, or mark the outcome with status: "won" / "lost".
curl -X PATCH https://www.recall-touch.com/api/v1/deals/o_123 \
-H "Authorization: Bearer rr_live_xxxxxxxxxxxxxxxx" \
-H "Content-Type: application/json" \
-d '{"status":"won"}'
# 200 OK
{ "ok": true, "deal": { "id": "o_123", "title": "Acme — Jane Doe", "stage": "Won" } }Embeddable capture form
Prefer no code? Embed your hosted form — every submission becomes a worked lead. Copy the iframe from Settings → Developer (it carries a write-only token, safe for public pages).
<iframe src="https://www.recall-touch.com/f/YOUR_ORG?k=YOUR_FORM_TOKEN" title="Contact form" width="100%" height="520" style="border:0;max-width:480px" loading="lazy"></iframe>
Webhooks
Set an https endpoint in Settings → Developer to receive events. We POST signed JSON. Events: lead.created (every API and form capture), contact.created, contact.updated, deal.created, deal.stage_changed, deal.won, deal.lost, message.received (a lead replied), meeting.booked, meeting.cancelled, meeting.completed, and meeting.no_show. Verify each delivery with the signing secret shown when you save the endpoint.
POST (your endpoint)
X-RR-Event: lead.created
X-RR-Signature: sha256=<hmac>
Content-Type: application/json
{ "event": "lead.created", "data": { "contactId": "c_…", "dealId": "o_…",
"name": "Jane Doe", "email": "jane@acme.com" }, "sentAt": "2026-01-01T00:00:00.000Z" }Verify the signature (Node.js):
import crypto from "node:crypto";
function verify(rawBody, signatureHeader, secret) {
const expected = "sha256=" + crypto.createHmac("sha256", secret)
.update(rawBody, "utf8").digest("hex");
return crypto.timingSafeEqual(Buffer.from(expected), Buffer.from(signatureHeader));
}