Reference
Webhook trigger: Configuring Pendula with third party applications
A webhook is a way for an application to automatically exchange real-time data with other applications. It functions as an HTTP request triggered by an event in a source application and sent to a destination application with a data payloadInsert definition here. However, the process of setting up webhooks can vary based on the capabilities of the third-party applications involved.
What are configuration methods?
Configuration methods refer to the different ways you can set up and manage the parameters required for integrating Webhooks with third-party applications. These parameters typically include the webhook URL (where the webhook data is sent), authentication details, and any custom headers needed for the requests. Webhook URL is a specific type of HTTP callout URL used for webhooks, where the URL is designated to receive automated HTTP requests triggered by specific events in the source system.
While many third party apps can trigger webhooks, how simple or complex this is will depend on the third party app itself. Below are different configuration methods, starting with the simplest:
Configuration within Third Party via Basic Auth
Using Basic Authentication is a secure way to ensure that only authorised systems can communicate with the webhook trigger. This configuration is ideal when the third party allows specifying both an HTTP Callout URL and Basic Authentication details (username and password).
-
HTTP Callout URL
This is the endpoint where the third party will send HTTP requests. Specify Pendula’s inbound webhook URL in the third party system’s settings.
-
Basic Authentication
Use a combination of a username (typically the tenant ID) and a password (Pendula’s Inbound API token) for authentication. These credentials should be included in every request to ensure secure communication.
Example configuration
Webhook URL: <https://api.pendula.com/webhook>
Username: tenant123
Password: api_token_abc123
To test the configuration, you can use a curl
command to simulate a POST request with Basic Authentication:
curl -X POST <https://api.pendula.com/webhook> \\
-u tenant123:api_token_abc123 \\
-H "Content-Type: application/json" \\
-d '{"event":"customer_update","data":{"id":"1234","status":"active"}}'
-
X POST:
Indicates that the request method is POST. -
u tenant123:api_token_abc123:
Supplies the Basic Authentication credentials (username:password). -
H "Content-Type: application/json":
Sets the request header to indicate that the body content is in JSON format. -
d '{"event":"customer_update","data":{"id":"1234","status":"active"}}':
Provides the actual data being sent in the request body, formatted as JSON.
Other methods
Configuration within Third Party via Custom Headers
Use this if the third party allows specifying:
- HTTP Callout URL - This is where the Pendula’s Inbound webhook URL can be specified.
- Custom Header to be attached on every request. This is another way of specifying Pendula’s Inbound API token.
Example configuration
Webhook URL: <https://api.pendula.com/webhook>
Custom Header:
Key: Authorization
Value: Bearer api_token_abc123
curl -X POST <https://api.pendula.com/webhook> \\
-H "Authorization: Bearer api_token_abc123" \\
-H "Content-Type: application/json" \\
-d '{"event":"customer_update","data":{"id":"1234","status":"active"}}'
Calling via a Simple HTTP Proxy Server
Use this if the third party:
- Does not allow specifying an http callout url
- Allows a HTTP proxy application to be running in their tech stack
To set this up, a proxy server must be configured to receive requests. The proxy server then forwards requests to Pendula.
Calling via a Simple Intermediary Application
Use this if the third party does not allow specifying an HTTP callout URL and requires integrations to follow an app approach.
To set this up, an intermediary app must to configured to receive and forward requests to Pendula. An intermediary app may process and modify the data before forwarding.
Configuration via Third Party Code
Use this if third party integrations are specifying using a code configuration approach. The code would send authenticated requests to Pendula.