Certyneo Webhooks: Automate accounting statements in ERP

When a document is signed electronically via Certyneo, what happens next in your accounting chain? For most businesses, the answer is still too often: nothing automatic. An employee manually downloads the signed PDF, sends it by email to the accountant, who re-enters it into their management software. This fragmented process generates errors, delays and a loss of traceability incompatible with the requirements of a reliable accounting statement. Certyneo webhooks address this exact problem: they automatically trigger actions in your third-party systems — ERP, accounting software, document management — as soon as a signature event occurs. This article explains in detail how to configure and use these webhooks to streamline your accounting cycle from end to end.

What is a webhook and why it's essential for accounting

The webhook principle explained simply

A webhook is a real-time HTTP notification mechanism: instead of regularly asking an API "has anything changed?" (an approach called polling), the sending application — here Certyneo — sends an HTTP POST request to a URL of your choice as soon as a specific event occurs. In accounting, this means that the moment a purchase order, supplier contract or expense note is electronically signed, your ERP can be instantly notified, without human intervention.

Unlike a simple CSV export or a monthly statement, the webhook guarantees near-real-time data synchronisation. For an accountant managing monthly or quarterly closings, this granularity is decisive: supporting documents are available in the system as soon as they're signed, not at the end of the month during a laborious catch-up.

Certyneo events that trigger accounting statements

Certyneo exposes several types of events via webhooks, directly usable in an accounting context:

• `envelope.completed`: all parties have signed the document — this is the main trigger for injecting a supporting document into your ERP.
• `envelope.declined`: a signatory has refused — useful for alerting the accounting department of a disputed invoice.
• `envelope.expired`: the signing deadline has passed — allows you to restart a procedure and avoid a gap in accounting.
• `signer.signed`: partial signature from one party — relevant for multi-signatory contracts (e.g. commercial lease requiring signature from both landlord and tenant).

Each JSON payload sent by Certyneo contains essential metadata: document identifier, qualified timestamp, signer names, secure URL for downloading the signed PDF and audit trail. This structured data is directly usable by an ERP or accounting software.

Step-by-step configuration of Certyneo webhooks for an ERP

Creating and registering a webhook endpoint

Configuring a Certyneo webhook is done from the dashboard, in the Settings > Integrations > Webhooks section. Here are the key steps:

1. Define the destination URL: this is the endpoint exposed by your ERP or integration middleware (e.g. a dedicated endpoint in SAP, Sage, Cegid or an iPaaS tool like n8n, Make or Zapier).
2. Select the events to listen for: for an accounting statement, prioritise at minimum `envelope.completed` and `envelope.declined`.
3. Configure the HMAC signature secret: Certyneo signs each payload with a secret key that you define. Your endpoint must verify this signature to guarantee the authenticity of notifications — a non-negotiable security step.
4. Test with simulation mode: Certyneo allows you to send a test payload without creating a real document. Check that your endpoint responds properly with an HTTP 200.

Mapping payload data to your chart of accounts

Once the endpoint is operational, you need to map the Certyneo payload fields to the fields expected by your ERP. Here's an example of mapping logic for a supplier contract:

```json { "event": "envelope.completed", "envelope_id": "env_01HX...", "completed_at": "2026-05-26T14:32:00Z", "document_url": "https://app.certyneo.com/documents/signed/...", "metadata": { "type": "contrat_fournisseur", "montant_ht": 12500, "compte_comptable": "607", "fournisseur_id": "F-2891" } } ```

The `metadata` field is freely configurable when creating the envelope via the Certyneo API. It's the key to enriching each signature with the business data necessary for automatic accounting: account number, cost centre, financial year, etc. To explore the full range of integration possibilities, consult the Certyneo help centre which lists the complete API documentation.

Managing rejections and automatic reminders

A webhook can fail if your endpoint is temporarily unavailable. Certyneo implements an exponential retry policy: if no HTTP 2xx response is received, the system retries sending at increasing intervals (5 min, 30 min, 2 h, 24 h) over a 72-hour window. Beyond that, the webhook is marked as failed and an alert is raised in the dashboard.

For accounting, this resilience is crucial: a supporting document not received in the ERP can generate a balance sheet discrepancy. It is therefore recommended to supplement the webhook mechanism with a daily reconciliation job that queries the Certyneo API to list envelopes completed in the last 24 hours and verify their presence in the accounting system.

Integration with major ERP and accounting software

Native connection with Cegid, Sage and Pennylane

Several popular accounting software publishers in France offer connectors or REST APIs compatible with Certyneo webhooks. Here are the most common integration patterns:

Cegid XRP Flex: exposes a REST API allowing you to create accounting documents and attach files. The `envelope.completed` webhook triggers a POST call to the Cegid API to create the entry and attach the signed PDF as a digital supporting document.

Sage 100cloud / Sage 50: the recommended approach uses a lightweight middleware (Python or Node.js script hosted serverless) that receives the Certyneo webhook, downloads the document via the secure URL and deposits it in Sage's automatic import folder.

Pennylane: a cloud-native solution whose API directly accepts documents with accounting metadata. The webhook-Pennylane integration is particularly suited to accounting firms centralising documents from multiple clients — a use case we detail in the scenarios section.

For teams evaluating different solutions before migrating to Certyneo, the comparison of electronic signature solutions provides a detailed view of integration capabilities by platform.

Using an iPaaS like Make or n8n for non-developers

If your organisation doesn't have a dedicated technical team, no-code/low-code automation platforms (Make, n8n, Zapier) are an effective alternative. The principle is straightforward:

1. Create a scenario with a webhook trigger on Make or n8n — the generated URL serves as the Certyneo endpoint.
2. Configure the following actions: download the signed document, parse metadata, send to Google Drive / SharePoint, create a line in a tracking spreadsheet, send a Slack notification to the accounting manager.
3. Optionally, trigger an API call to your accounting software to create the entry.

This approach allows you to achieve a high level of automation in less than a day, without writing a single line of code. It is particularly relevant for SMEs or accounting firms that want to automate document collection for their clients without mobilising a developer.

Security and audit best practices for accounting webhooks

HMAC signature verification and endpoint security

In an accounting context, the reliability of data received via webhook is critical. An attacker who managed to inject fake `envelope.completed` events could corrupt your accounting. Three security measures are essential:

• HMAC-SHA256 verification: each Certyneo request includes an `X-Certyneo-Signature` header. Your endpoint must recalculate the signature with your secret key and compare — reject any request whose signature doesn't match.
• JSON schema validation: before any processing, validate the structure and types of the received payload. A field `montant_ht` with a `null` or negative value should trigger an alert, not an incorrect accounting entry.
• Immutable logging: retain each received payload in a timestamped and non-modifiable log for at least 10 years, in compliance with accounting document retention obligations (Article L123-22 of the French Commercial Code).

Traceability and audit trail for the accountant

One of the major advantages of the webhook approach is the end-to-end traceability it generates. Certyneo produces for each signed document an audit trail compliant with eIDAS requirements, including qualified timestamp, signer IP addresses and certificates used.

By combining this audit trail with the webhook payload, your ERP can store not only the supporting document but also the proof of its legal validity. For an auditor or accountant, this dual layer — document plus proof — significantly simplifies verification during an audit or review. The electronic signature in business details the levels of signature and their probative value in different business contexts.

To calculate the return on investment of this automation before you get started, the Certyneo ROI calculator allows you to precisely estimate the time and cost savings based on your volume of signed documents.

Legal framework applicable to webhooks and digital accounting

The automation of the accounting chain via electronic signature webhooks takes place within a precise regulatory framework that must be understood.

eIDAS Regulation No. 910/2014 (and its eIDAS 2.0 revision): the European regulation on electronic identification and trust services establishes the legal value of electronic signatures. Article 25 provides that an electronic signature cannot be denied legal effect solely on the ground that it is in electronic form. Qualified signatures (QES) enjoy a presumption of reliability equivalent to a handwritten signature. For accounting documents, the appropriate signature level depends on the nature of the document: a simple invoice may use an advanced signature (AES), whilst a credit lease or electronic notarial deed requires a qualified signature.

French Civil Code, Articles 1366 and 1367: Article 1366 recognises electronic writing as evidence in the same way as writing on paper, provided that the person from whom it emanates can be properly identified and it is established and kept in conditions that guarantee its integrity. Article 1367 defines electronic signature as the use of a reliable identification process guaranteeing the connection to the deed to which it attaches. The Certyneo webhook, by transmitting the audit trail with each signed document, satisfies this requirement for identification and integrity.

Article L123-22 of the French Commercial Code: accounting documents and supporting documents must be kept for ten years. Documents received via webhook and stored in an ERP must therefore be subject to a compliant retention policy, including immutability and long-term readability of formats (PDF/A recommended by ISO 19005 standard).

GDPR No. 2016/679: webhook payloads contain personal data (names of signatories, email addresses, timestamps linked to individuals). Your endpoint and your ERP are recipients of this data — you are responsible for processing or joint responsible depending on the contractual terms with Certyneo. The DPA (Data Processing Agreement) must be formalised. The data transmitted must be minimised to the strict necessary for the accounting purpose.

NIS2 Directive (2022/2555): for businesses falling within the NIS2 scope (essential service operators, important entities), the security of API interfaces and webhooks constitutes a mandatory network security measure. HMAC verification, TLS 1.3 minimum encryption and access logging are required.

ETSI EN 319 132 standard: defines the XAdES format for advanced electronic signatures. The signatures produced by Certyneo comply with these ETSI standards, guaranteeing their interoperability with probative archiving systems compliant with the French general security framework (RGS).

Concrete use case scenarios

Scenario 1: an accounting firm managing 40 client files

A medium-sized accounting firm with around ten employees manages engagement letters, SEPA mandates and annual accounts for 40 client companies. Before integrating Certyneo webhooks, each signed document was manually retrieved by a file manager, renamed according to a naming convention, then placed in the client folder of the accounting software. This process took approximately 15 to 20 minutes per document, representing several hours per week during the closing period.

After configuring an `envelope.completed` webhook connected to their document management tool via Make, the firm automated the entire chain: as soon as signing is complete, the signed PDF is automatically filed in the corresponding client folder with the correct filename, a notification is sent to the relevant manager, and a line is created in the document receipt tracking spreadsheet. The estimated time saving is in the order of 70 to 80% on this task, meaning approximately 6 to 8 hours recovered per week during the closing period — a figure consistent with benchmarks published by the French Order of Accountants in its reports on digital transformation in accounting firms.

Scenario 2: a manufacturing SME with Sage ERP and 300 supplier contracts annually

An SME in the manufacturing sector signs approximately 300 supplier contracts per year (framework orders, amendments, confidentiality agreements). Each signed contract must be attached to a supplier record in Sage 100cloud and archived as an engagement supporting document. Without automation, the purchasing department transmitted signed contracts by email to the accounting department with an average delay of 3 to 5 business days.

After deploying a Node.js middleware receiving Certyneo webhooks and calling the Sage API, the attachment delay fell to a few seconds. Off-balance commitments are now recorded in real-time, which improved the reliability of interim statements presented to the CFO. The project was completed in less than two weeks by an internal developer, leveraging the webhook documentation from the Certyneo help centre.

Scenario 3: a group of companies managing complex inter-company flows

A group consisting of ten subsidiaries uses Certyneo to sign its inter-company treasury agreements and intra-group service contracts. Accounting consolidation requires that each signed agreement be simultaneously recorded in the system of both the sending and receiving subsidiary, with the same document identifier to facilitate the elimination of reciprocal flows.

By configuring a single webhook that notifies the endpoints of both concerned subsidiaries in parallel (identified via envelope metadata), the group eliminated consolidation discrepancies caused by missing or misidentified documents. The consolidated closing deadline was reduced by an average of 2 days, representing a significant gain for a group finance department that closes quarterly. Teams considering migration from another solution can consult the guide to migrating to Certyneo to assess technical feasibility.

Conclusion

Certyneo webhooks represent a powerful automation lever for any business seeking to integrate electronic signature at the heart of its accounting process. By eliminating manual steps between the signing of a document and its entry in the ERP or accounting software, they reduce delays, data entry errors and the risk of missing documents during a balance sheet or audit. Whether you're an accounting firm, SME or multi-entity group, webhook configuration is accessible — with or without a developer — and the return on investment is measurable within the first few weeks of use.

To learn more, consult the Certyneo help centre for access to the complete API and webhooks documentation. Ready to automate your accounting statement? Create your Certyneo account for free and connect your first signed documents to your ERP today.