Account settings
Opening settings
Click your avatar in the top-right corner of any page and select Settings. The Settings page has two tabs: General and Billing & Credits.
Account information
The General tab opens by default and shows your account details:
- Email — The address associated with your account, used for magic link sign-in and email notifications.
- Account Created — The date your account was first created.
These fields are read-only. To change your email address, contact support.
Advanced — conversion quality
Select Always Use Enhanced Formatting to spend extra time producing output HTML that looks as close to the input PDF as possible.
Advanced — webhooks
Expand the Advanced section at the bottom of the General tab to configure outbound webhook notifications. Webhooks let you receive HTTP POST requests to your own server whenever a conversion completes or fails — useful for triggering downstream automation without polling the dashboard.
How webhooks work
When a file finishes converting, TheAccessiblePDF sends a signed JSON payload to each of your registered endpoints. Payloads are signed with HMAC-SHA256 using a per-endpoint secret, so your server can verify that requests are genuine and have not been tampered with.
Adding an endpoint
Click Add endpoint to expand the form, then fill in:
- Endpoint URL — The full HTTPS URL on your server that should receive the POST request (e.g.,
https://your-server.com/webhook). - Events — Choose which events trigger a delivery:
conversion.completed— fired when a file converts successfullyconversion.failed— fired when a conversion encounters an error
- Description (optional) — A short label to identify the endpoint, such as "Production notifications".
Click Add Endpoint. The signing secret is displayed once immediately after creation — copy it and store it securely. It is not shown again. If you lose it, use Rotate secret to generate a new one.
Managing existing endpoints
Each registered endpoint appears as a card showing its URL, subscribed events, creation date, and the last time it fired. From the card you can:
- Enable / disable — Toggle the switch to pause or resume deliveries without deleting the endpoint.
- Test — Send a sample payload immediately to verify your server is receiving and responding correctly. The HTTP status and response body are shown inline.
- History — View recent deliveries with their event type, status (success, failed, dropped, or queued), HTTP response code, and timestamp.
- Rotate secret — Generate a new signing secret. The old secret remains valid for one hour to allow a rolling transition.
- Delete — Permanently remove the endpoint. Deliveries in progress are not affected.
Verifying webhook signatures
Each request includes an X-Webhook-Signature header containing an HMAC-SHA256 hex digest computed from the raw request body using your endpoint's signing secret. To verify a request on your server:
- Read the raw request body as bytes (do not parse it first).
- Compute
HMAC-SHA256(secret, body)and hex-encode the result. - Compare your computed digest to the value in
X-Webhook-Signatureusing a constant-time comparison. - Reject the request if the digests do not match.
If an endpoint returns a non-2xx HTTP status, the delivery is marked failed. After 5 consecutive failures the endpoint is flagged in the UI with a failure count badge — check the History panel to diagnose the cause.