Web-To-CRM Endpoint


WebToCRM exposes API endpoints that allow external websites, forms, and apps to create, read, update, or delete records in your CRM based on a saved configuration.

How it works

Each configuration creates a dedicated endpoint for a specific entity type with defined operations and field permissions. Only the fields you explicitly allow are accepted - the external system must send data using the exact field names you select.

How to create a WebToCRM configuration


Step 1: Open WebToCRM

  1. Go to Settings

  2. Click WebToCRM

  3. Click + Create Configuration

Step 2: Set up basic information

  1. Enter a Configuration Name (e.g., Contact Form Lead Capture)

  2. Add a Description (optional)

  3. Ensure Enable Configuration is toggled on — the endpoint only accepts submissions when active

Step 3: Configure the target entity

  1. Select the Entity Type — the CRM entity this endpoint will interact with (e.g., Customer, Contact, or a custom object)

  2. Select the Allowed Operations — choose which CRUD operations this endpoint supports: Create, Read, Update, Delete, or Customer 360

Step 4: Set security and domain rules

  1. Under Allowed Domains, enter the domains permitted to submit to this endpoint:

    • mywebsite.com — allow a specific domain

    • *.mycompany.com — allow all subdomains

    • * — allow all domains (use with caution)

  2. Add a Success Redirect URL — where users are sent after a successful submission (optional)

  3. Add an Error Redirect URL — where users are sent if the submission fails (optional)

Step 5: Configure allowed fields

  1. Under Allowed Fields Configuration, select which entity fields the external API can submit data to

  2. Only selected fields are accepted — the external system must use the exact field names shown (e.g., if you allow name, the API must send { "name": "John Doe" })

  3. Click Create Configuration to save

Step 6: View the API setup

Click Connection Guide to view the generated API endpoint, setup instructions, and examples for integrating with your external system.


  • Create separate configurations with different API keys for each operation type — this is the recommended best practice

  • The generated endpoint and API documentation are accessible after saving the configuration

  • You can disable an endpoint at any time by toggling off Enable Configuration without deleting it