Skip to main content
RapidDev - Software Development Agency
replit-integrationsStandard API Integration

How to Integrate Replit with Webex by Cisco

To integrate Replit with Webex by Cisco, store your Webex Bot token or personal access token in Replit Secrets (lock icon πŸ”’) and call the Webex REST API from your server-side code. Webex provides APIs for creating meetings, sending messages to spaces (rooms), managing bots, and receiving real-time events via webhooks. For inbound messages and bot interactions, deploy as Autoscale or Reserved VM to keep webhook endpoints consistently available.

What you'll learn

  • How to create a Webex Bot and store its access token securely in Replit Secrets
  • How to send messages to Webex spaces and direct messages using Node.js and Python
  • How to create and manage Webex meetings programmatically
  • How to set up Webex webhooks to receive real-time message and room events
  • How to build a Webex bot that responds to user commands in team spaces
Book a free consultation
4.9Clutch rating ⭐
600+Happy partners
17+Countries served
190+Team members
Intermediate18 min read20 minutesCommunicationMarch 2026RapidDev Engineering Team
TL;DR

To integrate Replit with Webex by Cisco, store your Webex Bot token or personal access token in Replit Secrets (lock icon πŸ”’) and call the Webex REST API from your server-side code. Webex provides APIs for creating meetings, sending messages to spaces (rooms), managing bots, and receiving real-time events via webhooks. For inbound messages and bot interactions, deploy as Autoscale or Reserved VM to keep webhook endpoints consistently available.

Enterprise Collaboration Automation from Replit with the Webex API

Webex by Cisco is the collaboration platform of choice for many large enterprises, government agencies, and organizations deeply embedded in the Cisco ecosystem. Its REST API provides access to the full collaboration stack: messaging (send and receive messages in team spaces and direct messages), meetings (create, schedule, and manage video meetings), rooms (create and manage team workspaces), and people (user management and directory lookup). From Replit, you can build integrations that bring external data and automation into Webex, or use Webex as the interface for interacting with your application.

The most common Replit integration patterns are bot automation and meeting scheduling. Webex bots are first-class citizens in the platform β€” you create a bot in the Webex Developer portal, add it to a space, and it can send messages, respond to commands, and post notifications from your backend system. Bots are useful for sending alerts (deployment notifications, monitoring alarms, automated reports), responding to commands (slash commands, question-answering, status lookups), and facilitating workflows (approval requests, action items, status updates).

Webex meetings can be created programmatically via the Meetings API without going through the web interface β€” specify the title, start time, duration, invitees, and password, and Webex returns a join URL and conference details. This is useful for building scheduling systems, automated meeting creation triggered by events in other systems, or integrating Webex meeting creation into your existing booking workflow alongside email notifications.

Integration method

Standard API Integration

Webex integrates with Replit through the Webex REST API using Bearer token authentication. You create a Webex Bot (for automated messaging and room interactions) or use a personal access token (for user-context API calls). Your Replit server sends messages to Webex spaces, creates meetings, manages rooms, and receives real-time events via Webex webhooks. The Webex API is RESTful with consistent JSON responses and covers the full collaboration stack from messaging to meetings.

Prerequisites

  • A Replit account with a Node.js or Python Repl ready
  • A Webex account β€” free personal accounts are available at webex.com
  • A Webex Bot created at developer.webex.com (for automated messaging) or a personal access token (for user-context operations)
  • For webhooks: your app deployed with a stable HTTPS URL (https://yourapp.replit.app)

Step-by-step guide

1

Create a Webex Bot and Store the Token in Replit Secrets

Webex Bots are distinct user accounts that your application controls. Unlike personal access tokens (which expire), Bot access tokens never expire and are the right choice for server-side integrations. To create a Webex Bot: go to developer.webex.com β†’ My Webex Apps β†’ Create a New App β†’ Create a Bot. Fill in the bot name, username (must be unique across all of Webex), bot icon, and description. Click Add Bot. You will see the Bot Access Token β€” copy it immediately as it is only shown once. If you lose it, you must regenerate it. Add the bot to a Webex space to test messaging: in Webex (app or web), open or create a space β†’ add people β†’ search for your bot's username (it ends with @webex.bot). Once added, the bot can send and receive messages in that space. For personal access tokens (testing or user-context operations): go to developer.webex.com β†’ Documentation β†’ Getting Started β†’ scroll to 'Personal Access Token' to get a token for your own account. Note: personal access tokens expire after 12 hours and are NOT suitable for production server deployments. Open your Replit project and click the lock icon (πŸ”’) in the sidebar. Add: WEBEX_BOT_TOKEN: your Webex Bot access token (for bots) or personal access token (for testing). WEBEX_ROOM_ID: the ID of the Webex space you want the bot to message (find this via GET /rooms API).

check-webex-secrets.js
1// check-webex-secrets.js
2const required = ['WEBEX_BOT_TOKEN'];
3for (const key of required) {
4  if (!process.env[key]) {
5    throw new Error(`Missing: ${key}. Add it in Replit Secrets (lock icon πŸ”’).`);
6  }
7}
8// Quick verification call to get bot info
9fetch('https://webexapis.com/v1/people/me', {
10  headers: { 'Authorization': `Bearer ${process.env.WEBEX_BOT_TOKEN}` }
11})
12  .then(r => r.json())
13  .then(d => {
14    if (d.displayName) {
15      console.log(`Authenticated as: ${d.displayName} (${d.emails?.[0]})`);
16      console.log('Bot type:', d.type);  // 'bot' for bots, 'person' for personal tokens
17    } else {
18      console.error('Authentication failed:', JSON.stringify(d));
19    }
20  })
21  .catch(err => console.error('Connection error:', err.message));

Pro tip: Webex Bot tokens never expire β€” use them for production integrations. Personal access tokens expire after 12 hours and require OAuth to refresh, making them unsuitable for server-side automation. If your token was created at developer.webex.com as a 'personal access token', it will expire and your integration will stop working.

Expected result: The verification script prints the bot's display name and email. Type field shows 'bot' for bot tokens. Authentication failure prints the error details from the Webex API.

2

Send Messages to Webex Spaces with Node.js

The Webex Messages API creates messages in rooms (spaces) or as direct messages to individual people. All requests go to https://webexapis.com/v1/messages with a JSON body specifying the destination and content. To send a message to a room, set roomId to the space ID. To send a direct message to a person, use toPersonEmail (their Webex email) or toPersonId (their Webex user ID). Webex supports rich message content: plain text (text field), HTML with limited tags (html field), and Adaptive Cards (attachments field) for interactive message components like buttons, forms, and dynamic layouts. Adaptive Cards are particularly powerful for bot interactions β€” you can send a card with buttons and receive the user's selection as a separate webhook event. The roomId can be found by calling GET /rooms to list all spaces the bot is in, or by adding the bot to a space and calling GET /rooms after the add. Store frequently used room IDs in Replit Secrets to avoid API lookups on every send.

webex-messages.js
1// webex-messages.js β€” Send messages to Webex spaces
2const TOKEN = process.env.WEBEX_BOT_TOKEN;
3const ROOM_ID = process.env.WEBEX_ROOM_ID;
4const BASE_URL = 'https://webexapis.com/v1';
5
6async function webexRequest(method, endpoint, body = null) {
7  const options = {
8    method,
9    headers: {
10      'Authorization': `Bearer ${TOKEN}`,
11      'Content-Type': 'application/json',
12      'Accept': 'application/json'
13    }
14  };
15  if (body) options.body = JSON.stringify(body);
16
17  const response = await fetch(`${BASE_URL}${endpoint}`, options);
18  if (!response.ok) {
19    const errText = await response.text();
20    throw new Error(`Webex API ${response.status}: ${errText}`);
21  }
22  if (response.status === 204) return null;
23  return response.json();
24}
25
26// Send a plain text message to a room
27async function sendMessage(text, roomId = ROOM_ID) {
28  const message = await webexRequest('POST', '/messages', {
29    roomId,
30    text
31  });
32  console.log('Message sent:', message.id);
33  return message;
34}
35
36// Send a markdown-formatted message
37async function sendMarkdownMessage(markdown, roomId = ROOM_ID) {
38  return webexRequest('POST', '/messages', {
39    roomId,
40    markdown  // Supports **bold**, _italic_, ## headers, - lists, [links](url)
41  });
42}
43
44// Send a direct message to a person by email
45async function sendDirectMessage(toEmail, text) {
46  return webexRequest('POST', '/messages', {
47    toPersonEmail: toEmail,
48    text
49  });
50}
51
52// List all spaces the bot is in
53async function getRooms() {
54  const result = await webexRequest('GET', '/rooms');
55  return result?.items || [];
56}
57
58// Get details of a specific room
59async function getRoomDetails(roomId) {
60  return webexRequest('GET', `/rooms/${roomId}`);
61}
62
63// Example: send a deployment notification
64(async () => {
65  try {
66    // List rooms first to find the right room ID
67    const rooms = await getRooms();
68    console.log('Available spaces:');
69    rooms.forEach(r => console.log(` - ${r.id}: ${r.title}`));
70
71    // Send a notification
72    if (ROOM_ID) {
73      await sendMarkdownMessage(
74        '## Deployment Complete βœ“\n\n' +
75        '**Service:** API Server\n' +
76        '**Version:** v2.1.0\n' +
77        '**Status:** Success\n' +
78        '**Duration:** 45 seconds'
79      );
80      console.log('Notification sent!');
81    }
82  } catch (err) {
83    console.error('Error:', err.message);
84  }
85})();
86
87module.exports = { sendMessage, sendMarkdownMessage, sendDirectMessage, getRooms, webexRequest };

Pro tip: Run the getRooms() function first to find the room IDs of the spaces your bot has been added to. Copy the ID of the space you want to use and store it in Replit Secrets as WEBEX_ROOM_ID so you do not need to look it up on every run.

Expected result: Running the script lists all Webex spaces the bot is in with their IDs. The deployment notification markdown message appears in the configured Webex space with formatted headers and bold text.

3

Create Webex Meetings and Send Messages with Python

The Python implementation uses the requests library with Bearer token authentication. The pattern follows the same Webex REST API as Node.js β€” the difference is just syntax and library conventions. For Webex meeting creation, use the POST /meetings endpoint with title, start, end, password, and optionally invitees. Webex returns the meeting with joinUrl, sipAddress, and password for sharing with attendees. The meeting also appears in the Webex app calendar for invited users. The webexteamssdk Python library (pip install webexteamssdk) is an official Cisco SDK that provides a higher-level interface to the Webex API. It handles authentication and pagination automatically. However, for simple use cases the requests library with direct API calls gives you more control and fewer dependencies. For Flask applications, these functions can be called directly from route handlers. For example, a /schedule endpoint that creates a meeting and sends the join link to a Webex space.

webex_client.py
1# webex_client.py β€” Webex REST API client for Replit (Python)
2import os
3import requests
4from datetime import datetime, timedelta, timezone
5
6TOKEN = os.environ['WEBEX_BOT_TOKEN']
7ROOM_ID = os.environ.get('WEBEX_ROOM_ID', '')
8BASE_URL = 'https://webexapis.com/v1'
9HEADERS = {
10    'Authorization': f'Bearer {TOKEN}',
11    'Content-Type': 'application/json'
12}
13
14def webex_request(method: str, endpoint: str, body: dict = None) -> dict:
15    """Make an authenticated Webex API request."""
16    response = requests.request(method, f'{BASE_URL}{endpoint}', headers=HEADERS, json=body)
17    response.raise_for_status()
18    if response.status_code == 204:
19        return {}
20    return response.json()
21
22def send_message(text: str, room_id: str = None, markdown: str = None) -> dict:
23    """Send a text or markdown message to a Webex space."""
24    rid = room_id or ROOM_ID
25    if not rid:
26        raise ValueError('room_id required. Set WEBEX_ROOM_ID in Replit Secrets or pass room_id parameter.')
27    body = {'roomId': rid}
28    if markdown:
29        body['markdown'] = markdown
30    else:
31        body['text'] = text
32    return webex_request('POST', '/messages', body)
33
34def send_direct_message(to_email: str, text: str) -> dict:
35    """Send a direct message to a person by their Webex email."""
36    return webex_request('POST', '/messages', {'toPersonEmail': to_email, 'text': text})
37
38def create_meeting(
39    title: str,
40    start: datetime,
41    end: datetime,
42    password: str = None,
43    invitee_emails: list = None
44) -> dict:
45    """Create a Webex meeting and return the meeting details including join URL."""
46    body = {
47        'title': title,
48        'start': start.isoformat(),
49        'end': end.isoformat(),
50        'enabledAutoRecordMeeting': False,
51        'allowAnyUserToBeCoHost': False
52    }
53    if password:
54        body['password'] = password
55    if invitee_emails:
56        body['invitees'] = [{'email': e} for e in invitee_emails]
57
58    meeting = webex_request('POST', '/meetings', body)
59    return {
60        'id': meeting.get('id'),
61        'title': meeting.get('title'),
62        'joinUrl': meeting.get('webLink'),
63        'sipAddress': meeting.get('sipAddress'),
64        'password': meeting.get('password'),
65        'start': meeting.get('start')
66    }
67
68def get_rooms() -> list:
69    """List all spaces the bot or user is a member of."""
70    result = webex_request('GET', '/rooms')
71    return result.get('items', [])
72
73if __name__ == '__main__':
74    # List rooms
75    rooms = get_rooms()
76    print(f'Member of {len(rooms)} spaces:')
77    for r in rooms[:5]:
78        print(f'  {r["id"]}: {r["title"]}')
79
80    # Create a test meeting in 1 hour
81    now = datetime.now(timezone.utc)
82    meeting = create_meeting(
83        title='Team Sync',
84        start=now + timedelta(hours=1),
85        end=now + timedelta(hours=2),
86        password='MeetingPass123',
87        invitee_emails=['colleague@example.com']
88    )
89    print(f'\nMeeting created: {meeting["title"]}')
90    print(f'Join URL: {meeting["joinUrl"]}')
91    print(f'Password: {meeting["password"]}')

Pro tip: Webex meeting start and end times must be in ISO 8601 format with timezone information. Python's datetime.isoformat() includes the timezone offset when the datetime object has timezone info (tzinfo set). Always use UTC datetime objects (datetime.now(timezone.utc)) to avoid timezone confusion.

Expected result: Running python webex_client.py lists the spaces the bot is in and creates a test meeting. The meeting appears in Webex with the join URL printed to the console. Invitees receive Webex meeting invitations.

4

Build a Webex Bot with Webhook Event Handling

A complete Webex bot listens for messages in spaces it has been added to and responds based on command content. Webex delivers new messages to your bot via webhooks β€” when someone sends a message in a space the bot is in, Webex POSTs a notification to your webhook URL. The webhook payload contains the event type and a resource ID (message ID). To get the message content, you must make a secondary API call to GET /messages/{messageId} β€” Webex does not include the full message content in webhook payloads for security and privacy reasons. Create webhook subscriptions via the API (POST /webhooks) or in the Webex Developer portal. Each webhook has a targetUrl (your endpoint), a resource (messages, meetings, memberships), an event (created, updated, deleted), and an optional filter (e.g., filter by roomId to only receive events from specific spaces). Best practice: verify the webhook origin by including a secret in your webhook configuration. Webex sends an X-Spark-Signature header containing an HMAC-SHA1 of the request body using your secret β€” verify this before processing any event. Deploy as Autoscale or Reserved VM β€” webhook delivery requires a consistently available endpoint.

webex-bot.js
1// webex-bot.js β€” Webex Bot with webhook event handling
2const express = require('express');
3const crypto = require('crypto');
4const { sendMessage, webexRequest } = require('./webex-messages');
5const app = express();
6app.use(express.json());
7
8const TOKEN = process.env.WEBEX_BOT_TOKEN;
9const WEBHOOK_SECRET = process.env.WEBEX_WEBHOOK_SECRET || '';
10
11// Verify Webex webhook signature
12function verifySignature(rawBody, signature) {
13  if (!WEBHOOK_SECRET) return true; // Skip in dev (add secret for production)
14  const hmac = crypto.createHmac('sha1', WEBHOOK_SECRET);
15  hmac.update(JSON.stringify(rawBody));
16  const expected = hmac.digest('hex');
17  return signature === expected;
18}
19
20// Get the full message content (webhooks only include message ID)
21async function fetchMessage(messageId) {
22  return webexRequest('GET', `/messages/${messageId}`);
23}
24
25// Route: receive Webex webhook events
26app.post('/webex/webhook', async (req, res) => {
27  const signature = req.headers['x-spark-signature'];
28  if (!verifySignature(req.body, signature)) {
29    return res.status(401).json({ error: 'Invalid signature' });
30  }
31
32  // Respond 200 immediately β€” Webex retries if no response within 15 seconds
33  res.status(200).json({ received: true });
34
35  // Process event asynchronously
36  setImmediate(async () => {
37    try {
38      const { resource, event, data } = req.body;
39      console.log(`Webex event: ${resource}.${event}`);
40
41      if (resource === 'messages' && event === 'created') {
42        // Fetch the full message content
43        const message = await fetchMessage(data.id);
44
45        // Ignore messages sent by the bot itself (prevent infinite loops)
46        const botInfo = await webexRequest('GET', '/people/me');
47        if (message.personId === botInfo.id) return;
48
49        const text = (message.text || '').trim();
50        const roomId = message.roomId;
51        console.log(`Message in ${roomId}: ${text}`);
52
53        // Command routing
54        const lower = text.toLowerCase();
55        if (lower.includes('help') || lower === 'help') {
56          await sendMessage(
57            'Available commands:\nβ€’ **status** β€” get system status\nβ€’ **report** β€” get latest report\nβ€’ **help** β€” show this help message',
58            roomId  // Markdown
59          );
60        } else if (lower.includes('status')) {
61          await sendMessage(`**System Status** βœ“\n\nAll systems operational.\nLast check: ${new Date().toUTCString()}`, roomId);
62        } else if (lower.includes('report')) {
63          // TODO: fetch actual report data
64          await sendMessage('Generating report... Please wait.', roomId);
65        } else {
66          // Default: echo the message as a demo
67          await sendMessage(`I received your message: "${text}". Type **help** for available commands.`, roomId);
68        }
69      }
70    } catch (err) {
71      console.error('Webhook processing error:', err.message);
72    }
73  });
74});
75
76// Register webhook (run once to set up)
77async function registerWebhook(deployedUrl) {
78  try {
79    const existing = await webexRequest('GET', '/webhooks');
80    const items = existing?.items || [];
81    if (items.some(w => w.targetUrl === `${deployedUrl}/webex/webhook`)) {
82      console.log('Webhook already registered.');
83      return;
84    }
85    const webhook = await webexRequest('POST', '/webhooks', {
86      name: 'Replit Bot Webhook',
87      targetUrl: `${deployedUrl}/webex/webhook`,
88      resource: 'messages',
89      event: 'created',
90      secret: WEBHOOK_SECRET
91    });
92    console.log('Webhook registered:', webhook.id);
93  } catch (err) {
94    console.error('Webhook registration failed:', err.message);
95  }
96}
97
98app.listen(3000, '0.0.0.0', () => {
99  console.log('Webex Bot server running on port 3000');
100  // registerWebhook('https://yourapp.replit.app'); // Uncomment after deploying
101});

Pro tip: Always check if the incoming message was sent by your own bot (compare message.personId to your bot's ID from GET /people/me) before responding. Not doing this causes the bot to respond to its own messages, creating an infinite message loop that Webex will eventually throttle.

Expected result: The bot server starts on port 3000. After deploying and registering the webhook, messages sent to Webex spaces containing the bot trigger the webhook handler. The bot responds to 'help', 'status', and 'report' commands.

Common use cases

DevOps and Monitoring Notification Bot

Send real-time alerts to a Webex space when deployment events, monitoring alerts, or system notifications occur. The Replit server receives events from CI/CD pipelines, monitoring tools, or error tracking systems and formats them as Webex messages with rich markdown formatting β€” including severity indicators, error details, and action links.

Replit Prompt

Build a notification bot that receives deployment webhooks from a CI/CD pipeline, formats the deployment status (success/failure, service name, version, duration) as a Webex message with markdown formatting, and sends it to a team space dedicated to deployment updates.

Copy this prompt to try it in Replit

Automated Meeting Scheduler

Create Webex meetings programmatically when scheduling events occur β€” new client bookings, team standups, or project kickoffs. The Replit backend accepts meeting requests, calls the Webex Meetings API to create the meeting and generate a join URL, and sends the meeting details back to the requester and all invitees.

Replit Prompt

Create an API endpoint that accepts meeting details (title, attendees, start time, duration), creates a Webex meeting via the Meetings API, sends the join URL and password to all attendees as Webex direct messages, and returns the meeting ID for calendar integration.

Copy this prompt to try it in Replit

Interactive Command Bot for Team Spaces

Build a Webex bot that monitors a team space for commands and responds with dynamic data from your backend systems. Team members type commands like '@bot status', '@bot report', or '@bot help' and the bot queries your database or external APIs to provide the requested information in real time.

Replit Prompt

Build a Webex bot that listens for messages in a team space, parses commands prefixed with the bot name (status, help, report), queries the appropriate backend data source, and replies with the requested information formatted as markdown including tables and bullet points.

Copy this prompt to try it in Replit

Troubleshooting

Webex API returns 401 Unauthorized β€” 'The request requires a valid access token'

Cause: WEBEX_BOT_TOKEN in Replit Secrets is invalid, expired, or missing. Personal access tokens expire after 12 hours. Bot tokens do not expire unless explicitly revoked.

Solution: For bot tokens: go to developer.webex.com β†’ My Webex Apps β†’ your bot β†’ regenerate the access token, then update WEBEX_BOT_TOKEN in Replit Secrets. For personal access tokens: regenerate at developer.webex.com β†’ Documentation β†’ Getting Started β†’ Personal Access Token. Note that personal tokens are for testing only and will expire again in 12 hours.

typescript
1// Quick auth test β€” prints bot name if token is valid
2fetch('https://webexapis.com/v1/people/me', {
3  headers: { 'Authorization': `Bearer ${process.env.WEBEX_BOT_TOKEN}` }
4}).then(r => r.json()).then(d => console.log(d.displayName ? `Auth OK: ${d.displayName}` : 'Auth FAILED: ' + JSON.stringify(d)));

Bot is not receiving webhook events β€” messages are sent but the webhook endpoint is never called

Cause: The webhook is registered with a development Replit URL that is offline, or the webhook was not successfully registered (check for errors in the registration call), or the bot is not a member of the space where messages are being sent.

Solution: Deploy your app and register the webhook with the deployed URL. Verify the bot is added to the Webex space by calling GET /rooms to list spaces it has access to. Check existing webhooks with GET /webhooks to confirm the correct targetUrl is registered.

typescript
1// List registered webhooks to verify
2fetch('https://webexapis.com/v1/webhooks', {
3  headers: { 'Authorization': `Bearer ${process.env.WEBEX_BOT_TOKEN}` }
4}).then(r => r.json()).then(d => d.items?.forEach(w => console.log(`Webhook: ${w.id} β†’ ${w.targetUrl} (${w.status})`)));

Bot is sending messages but then immediately receives and responds to its own messages

Cause: The bot webhook fires when the bot itself sends messages, creating a feedback loop. The webhook handler is not checking if the incoming message was sent by the bot.

Solution: Fetch the bot's own person ID (GET /people/me) at startup and cache it. In the webhook handler, check if message.personId equals the bot's ID before processing β€” skip all messages from the bot itself.

typescript
1// Get and cache bot person ID to prevent self-response loops
2let BOT_PERSON_ID = null;
3async function getBotId() {
4  if (!BOT_PERSON_ID) {
5    const me = await webexRequest('GET', '/people/me');
6    BOT_PERSON_ID = me.id;
7  }
8  return BOT_PERSON_ID;
9}
10// In webhook handler:
11const botId = await getBotId();
12if (message.personId === botId) return; // Skip bot's own messages

Meeting creation fails with 400 Bad Request β€” 'The start and end time must be in the future'

Cause: Meeting start time is in the past or not in the correct ISO 8601 format with timezone. Webex requires meetings to start at least a few minutes in the future.

Solution: Ensure the start time is at least 1-2 minutes in the future when creating a meeting. Use ISO 8601 format with timezone offset: '2026-04-01T14:00:00Z' (UTC) or '2026-04-01T14:00:00-05:00' (Eastern). In Python, use datetime objects with timezone info; in Node.js, use new Date() and .toISOString().

typescript
1// Ensure start time is at least 5 minutes in the future
2const start = new Date(Date.now() + 5 * 60 * 1000).toISOString();
3const end = new Date(Date.now() + 65 * 60 * 1000).toISOString();
4console.log('Start:', start, 'End:', end);

Best practices

  • Store WEBEX_BOT_TOKEN in Replit Secrets (lock icon πŸ”’) β€” bot tokens provide full access to all spaces the bot has been added to and all API operations
  • Use Bot tokens for production server-side integrations, not personal access tokens β€” bot tokens never expire while personal tokens expire after 12 hours
  • Always check if incoming webhook messages were sent by the bot itself and skip them to prevent infinite message loops
  • Fetch the full message content with a secondary GET /messages/{id} call β€” Webex webhook payloads intentionally omit message content for privacy
  • Register webhook secrets and verify the X-Spark-Signature header on every incoming event to prevent unauthorized requests to your endpoint
  • Deploy as Autoscale or Reserved VM for webhook receivers β€” development Repls go offline when you close your browser, causing Webex to retry and eventually stop delivering events
  • Store frequently used room IDs in Replit Secrets to avoid calling GET /rooms on every message send
  • Return 200 immediately from webhook handlers and process the event asynchronously β€” Webex retries if no response is received within 15 seconds, and slow processing causes unnecessary retries

Alternatives

Zoom

Zoom has broader consumer and SMB adoption than Webex and a simpler API for meeting creation, making it the better choice for applications not targeting the Cisco enterprise ecosystem.

Google Meet

Google Meet integrates natively with Google Calendar and Workspace, making it the natural choice for organizations already using Google's productivity suite rather than Microsoft or Cisco.

Slack

Slack has a richer bot and app development ecosystem with better documentation and more third-party integrations than Webex, making it the preferred messaging platform for most non-Cisco environments.

Frequently asked questions

How do I create a Webex Bot and get its access token?

Go to developer.webex.com, sign in with your Webex account, click 'My Webex Apps' β†’ 'Create a New App' β†’ 'Create a Bot'. Fill in the bot name, username (must be globally unique, ends in @webex.bot), and description. Click 'Add Bot' and copy the Bot Access Token shown β€” it is only displayed once. If you lose it, you must regenerate it. Store it in Replit Secrets as WEBEX_BOT_TOKEN.

What is the difference between a Webex Bot token and a personal access token?

Bot tokens are permanent (never expire) and represent an automated application account. They are the right choice for server-side integrations that run continuously. Personal access tokens represent your own Webex user account and expire after 12 hours β€” they are useful for testing and development but cannot be used for production server deployments that need to run unattended.

Can I use Webex for free with Replit?

Webex has a free tier that includes unlimited messaging, 40-minute meeting limits, and full API access for bot development. Creating a bot and using the Webex API for messaging and short meetings is free. For longer meetings (over 40 minutes) or advanced enterprise features, you need a paid Webex plan.

Why does the Webex webhook not include the message text?

Webex intentionally omits message content from webhook payloads for privacy and security reasons. The webhook only delivers a notification that a message was created, along with the message ID. To read the actual message text, your webhook handler must make a second API call to GET /messages/{messageId}. This two-step pattern prevents message content from being visible in webhook logs or proxy servers.

What deployment type should I use for a Webex bot on Replit?

Use Autoscale deployment for most Webex bot scenarios. Webex webhooks are event-driven (triggered by user messages), and Autoscale handles this pattern efficiently by scaling to zero when idle. The 1-3 second cold start on Autoscale is within Webex's webhook timeout, so bot responses will still arrive within a few seconds of the user's message. Use Reserved VM if you need guaranteed sub-second bot response latency.

How do I find the room ID for a Webex space?

Call GET /v1/rooms with your bot token to list all spaces the bot has been added to. Each room in the response has an 'id' field β€” this is the room ID to use in message sends. Alternatively, when your bot receives its first webhook event from a space, the message object includes roomId. Store the room IDs you use frequently in Replit Secrets as WEBEX_ROOM_ID.

RapidDev

Talk to an Expert

Our team has built 600+ apps. Get personalized help with your project.

Book a free consultation

Need help with your project?

Our experts have built 600+ apps and can accelerate your development. Book a free consultation β€” no strings attached.

Book a free consultation

We put the rapid in RapidDev

Need a dedicated strategic tech and growth partner? Discover what RapidDev can do for your business! Book a call with our team to schedule a free, no-obligation consultation. We'll discuss your project and provide a custom quote at no cost.