Skip to main content

Account settings

Opening settings

Click your avatar in the top-right corner of any page and select Settings. The Settings page has two tabs: General and Billing & Credits.

Account information

The General tab opens by default and shows your account details:

  • Email — The address associated with your account, used for magic link sign-in and email notifications.
  • Account Created — The date your account was first created.

These fields are read-only. To change your email address, contact support.

Advanced — conversion quality

Select Always Use Enhanced Formatting to spend extra time producing output HTML that looks as close to the input PDF as possible.

Advanced — webhooks

Expand the Advanced section at the bottom of the General tab to configure outbound webhook notifications. Webhooks let you receive HTTP POST requests to your own server whenever a conversion completes or fails — useful for triggering downstream automation without polling the dashboard.

How webhooks work

When a file finishes converting, TheAccessiblePDF sends a signed JSON payload to each of your registered endpoints. Payloads are signed with HMAC-SHA256 using a per-endpoint secret, so your server can verify that requests are genuine and have not been tampered with.

Adding an endpoint

Click Add endpoint to expand the form, then fill in:

  • Endpoint URL — The full HTTPS URL on your server that should receive the POST request (e.g., https://your-server.com/webhook).
  • Events — Choose which events trigger a delivery:
    • conversion.completed — fired when a file converts successfully
    • conversion.failed — fired when a conversion encounters an error
  • Description (optional) — A short label to identify the endpoint, such as "Production notifications".

Click Add Endpoint. The signing secret is displayed once immediately after creation — copy it and store it securely. It is not shown again. If you lose it, use Rotate secret to generate a new one.

Managing existing endpoints

Each registered endpoint appears as a card showing its URL, subscribed events, creation date, and the last time it fired. From the card you can:

  • Enable / disable — Toggle the switch to pause or resume deliveries without deleting the endpoint.
  • Test — Send a sample payload immediately to verify your server is receiving and responding correctly. The HTTP status and response body are shown inline.
  • History — View recent deliveries with their event type, status (success, failed, dropped, or queued), HTTP response code, and timestamp.
  • Rotate secret — Generate a new signing secret. The old secret remains valid for one hour to allow a rolling transition.
  • Delete — Permanently remove the endpoint. Deliveries in progress are not affected.

Verifying webhook signatures

Each request includes an X-Webhook-Signature header containing an HMAC-SHA256 hex digest computed from the raw request body using your endpoint's signing secret. To verify a request on your server:

  1. Read the raw request body as bytes (do not parse it first).
  2. Compute HMAC-SHA256(secret, body) and hex-encode the result.
  3. Compare your computed digest to the value in X-Webhook-Signature using a constant-time comparison.
  4. Reject the request if the digests do not match.

If an endpoint returns a non-2xx HTTP status, the delivery is marked failed. After 5 consecutive failures the endpoint is flagged in the UI with a failure count badge — check the History panel to diagnose the cause.