Connect Segment
import { Steps, Tabs, TabItem, Aside } from “@astrojs/starlight/components”;
Connecting Segment lets your Segment track/identify events start or advance your
flows, and lets a flow’s integration action post events back into
your Segment source. It’s scoped entirely to your account: your own secret (inbound) and your
own write key (outbound), pointing at your own Segment workspace.
your 2mee account ── inbound ── https://hooks.2mee.com/v1/in/{yourInboundKey} ◀── your Segment webhook (your secret) ── outbound ─▶ https://api.segment.io/v1/track ──▶ your Segment source (your write key)Choose a method
Section titled “Choose a method”You paste a URL and secret we generate into a Webhook destination in Segment. Available today; works with any Segment workspace.
You enable a published “2mee” Destination from Segment’s catalog, with in-app field mapping and managed authorisation — no secret to copy. This is the friendlier option and is coming. Until it ships, use the generic webhook method; both land on the same connection, so you won’t have to redo your flows.
Connect with the generic webhook method
Section titled “Connect with the generic webhook method”-
Create the connection in 2mee. In the portal, open Settings → Integrations → Connect → Segment. 2mee creates the connection and shows you a unique inbound URL and a shared secret. Copy both.
Inbound URL: https://hooks.2mee.com/v1/in/ik_8s9d...Secret: whsec_… (shown once — store it now) -
Add a Webhook destination in Segment. In your Segment workspace, add a Webhook destination on the source you want to send from. Set the URL to the inbound URL above, and set the shared secret to the secret above. Segment signs each delivery with it.
-
Pick a Source for 2mee to write into (outbound). Choose or create the Segment Source you want flow events to land in, and copy its Write Key.
-
Paste the Write Key into 2mee. Back in the connect screen, paste the Write Key. 2mee encrypts it and uses HTTP Basic auth (
Authorization: Basic base64("{writeKey}:")) to call Segment’s Tracking API. -
Map fields and choose events. Map Segment traits/properties to visitor attributes (sensible defaults are pre-filled, e.g.
traits.email→ email,traits.phone→ mobile), and choose which events sync each way. -
Test the connection. Use Test connection: 2mee posts a sample
trackto your source and shows the last event it received inbound. When both pass, the connection flips to active.
What happens inbound
Section titled “What happens inbound”- Segment POSTs each
track/identifyevent to your inbound URL. - 2mee resolves your connection from the URL, decrypts your secret, and verifies Segment’s
signature (Segment uses HMAC-SHA1 in an
x-signatureheader — 2mee handles this for you). - The event is deduped on Segment’s
messageId, normalised into the ingest contract, and runs your flow.
What happens outbound
Section titled “What happens outbound”A flow’s integration action with operation segment.track or segment.identify posts into
your source:
{ "userId": "<your Segment userId for this visitor>", "event": "Experience Goal Reached", "properties": { "plan": "pro" }, "messageId": "msg_… (stable, idempotent)", "timestamp": "2026-06-18T10:00:00Z"}userId/anonymousIdcome from the visitor’s stored Segment identity (recorded inbound).- Delivery rides the reliable substrate: 2xx is success,
Segment
4xxis treated as fatal (not retried),429/5xx/timeouts are retried andRetry-Afteris honoured. Every attempt is logged.
Identity
Section titled “Identity”2mee stores the Segment userId and anonymousId against the visitor on the way in, and reads
them back on the way out, so an inbound identify and a later outbound track target the same
Segment user. If no Segment id is known for a visitor, 2mee falls back to anonymousId or holds
the work. See visitors & participants.
Troubleshooting
Section titled “Troubleshooting”| Symptom | Likely cause |
|---|---|
Inbound 401 | The secret in Segment doesn’t match the connection’s secret. Re-copy or rotate. |
Inbound 404 | The URL is wrong or the connection was deleted. |
| Every batch rejected | Make sure you’re on a current connection — batch-signature handling is built in. |
Outbound 4xx in the log | Bad write key or malformed event — fix and re-test (4xx isn’t retried). |
Related
Section titled “Related”- The reference behind this: the ingest API · event types.
- The other method: generic webhook setup.