Webhooks allow you to build or set up integrations that subscribe to certain Console events. When one of those events is triggered, the Console will send an HTTP POST payload to the webhook's configured URL.
Webhooks can be installed on a Console instance, a specific company, or a specific project. Once installed, the webhook will be sent when one or more subscribed events occur.
You can subscribe to events on the Console using the CMS.
The collection will be found below the new label inside the menu.
Events category, click on the
Webhooks section and then on
Add new to create a new webhook subscription.
You will be asked to provide the following parameters:
|If specified, only events triggered inside the specified company will be delivered to the target URL. Must be a company identifier.|
|If specified, only events triggered inside the specified project will be delivered to the target URL. Must be a project identifier.|
|✅||The name of the event to listen to. See the event types page.|
|✅||The HTTP URL that will be called when the event is triggered (e.g., https://service-name/api-that-receives-the-event/).|
|The Certificate Authority exposed by the target URL encoded in base64.|
|✅||The shared secret used to authenticate the events payload.|
|The URL of the proxy.|
The payload delivered by the Console will be authenticated using the
X-Mia-Signature header. This will both prevent the modification of the payload by third-parties and allow the receiver to make sure that the event has been triggered by the Console.
This authentication method is not safe against replay attacks.
It is recommended to store the latest
eventTimestamp on the receiver side to prevent this attack.
X-Mia-Signature header will contain the hex encoded
sha256 digest of the event payload concatenated with the provided
secret. In formula:
X-Mia-Signature = hex(sha256( payload + secret ))