...
Resource | Description | Request Object | Response Object |
---|---|---|---|
POST /webhook | Create a new Webhook object. This object serves as registration for a Synapse user to receive events for the specified objectId. The combination of the objectId and invokeEndpoint must be unique for each Webhook. | ||
GET /webhook/{webhookId} | Get the Webhook corresponding to the provided webhookId. | None | |
PUT /webhook/{webhookId} | Update the Webhook corresponding to the provided webhookId. Note: if the invokeEndpoint is changed upon update or the webhook is re-enabled by the user, the user will be required to re-validate the webhook. If Synapse disables the webhook due to an invalid endpoint, update the endpoint using this service, then re-validate with | ||
DELETE /webhook/{webhookId} | Delete the Webhook corresponding to the provided webhookId. | None | None |
PUT /webhook/{webhookId}/valid | Validate the Webhook of the corresponding ID by providing the validation code received by invokeEndpoint upon creation/updating. After successful validation, Synapse will set | ||
GET /webhook/{webhookId}/test | Test the Webhook of the given webhookId. This will attempt to send the eventId of a generic event to the invokeEndpoint if the invokeEndpoint is valid. The user can then try retrieving the generic event through | None | |
GET /webhook/{userId}/list | List all webhookIds for a Synapse user. Each call will return a single page of WebhookRegistrations. Forward the provided nextPageToken to get the next page. |
WebhookEvent Endpoints
The following are the resources that are available on any given WebhookEvent:
...
Resource
...
Description
...
Request Object
...
Response Object
...
GET /webhook/events
...
Retrieve a batch of events by their eventIds. A common use of this service is after the initial event invocation, a user can retrieve one/many of the events they were given IDs for.
...
...
Webhook Invocation
At the time of an event the webhook should be invoked. The process should be multi-step. Once Synapse notes the event initiation, a service will create an WebhookEvent to be distributed to each receiver who has registered for it. Synapse will then distribute each event to the corresponding event-receiver’s endpoint found in their corresponding webhook object. The event will be sent as an HTTP POST request with the eventId contained in the request body. The event-receiver will have the option to require the requests to be authorized with a JWT token. A new token will be exchanged anytime an event occurs and isAuthorizationEnabled
is set to true.
The token will contain information about the Webhook (i.e. the ID of the webhook, who the intended receiver is, expiration time, and Synapse’s signature) in order for the receiver to verify the request is uniquely for them. The receiver will use a public key provided by Synapse to verify the signature. This authorization would mitigate some of the security concerns with using webhooks as it will provide a way for the event-receiver to verify the event originated from the event-generator if the event-receiver so chooses.
...
Expand | |||||
---|---|---|---|---|---|
| |||||
|
GetWebhookEventsRequest.json
Expand | ||
---|---|---|
| ||
|
GetWebhookEventsResponse.json
Expand | ||
---|---|---|
| ||
|