Jiwa

The Jiwa community forums
https://forums.jiwa.com.au/

Web Hooks

https://forums.jiwa.com.au/viewtopic.php?f=32&t=1113

Page 2 of 2

Re: Web Hooks

PostPosted: Mon Oct 28, 2019 11:05 pm
by Mike.Sheen
SBarnes wrote:Further to this how would the incoming hook end up with a logged in manager to work with, as the only way I am assuming you could do it is with an api key as part of the query string held by the sender as username and password are definitely not going to work?


To answer specifically this part of your question:

SBarnes wrote:username and password are definitely not going to work?


For all intents and purposes, correct.

But not quite... If a sender to one of our routes is a webhook from another 3rd party API that has the ability to authenticate using credentials authentication (username and password), and can read that response containing the Session Id in the response and make a subsequent request passing the session id as a request header before the session times out, then it will work.

API Keys would work better, and that is what is recommended for the use case of using the Jiwa API to receive webhooks from 3rd party API's.

Re: Web Hooks

PostPosted: Wed Oct 30, 2019 12:02 pm
by SBarnes
Unless I am missing something isn’t the following passing the key as the query string


https://api.jiwa.com.au/Staff/Current/L ... uE-M8gBlA8

Re: Web Hooks

PostPosted: Fri Nov 01, 2019 2:09 pm
by Mike.Sheen
SBarnes wrote:Unless I am missing something isn’t the following passing the key as the query string


https://api.jiwa.com.au/Staff/Current/L ... uE-M8gBlA8


Yes, but you don't have to provide the API Key that way, you can use a HTTP Bearer token - which is simply a request header of the following:

Authorization: Bearer <APiKey>

In the above the request header key is "Authorization" and the value is "Bearer " and the API Appended to that.

Re: Web Hooks

PostPosted: Fri Nov 01, 2019 3:27 pm
by SBarnes
Yeah but my idea is to use it on the Query String for an incoming to Jiwa web hook where the sender doesn't support headers/authentication/logins, for example Salesforce doesn't.

Re: Web Hooks

PostPosted: Fri Nov 01, 2019 3:32 pm
by Mike.Sheen
SBarnes wrote:Yeah but my idea is to use it on the Query String for an incoming to Jiwa web hook where the sender doesn't support headers/authentication/logins, for example Salesforce doesn't.


Sure, that's fine. A lot of people prefer not to pass API Keys that way, so we just give you the choice.

And in case this terminology is what confused you - In my mind Query strings and URL parameters mean the same thing, and I often use the terms interchangeably.

Re: Web Hooks

PostPosted: Sat Nov 02, 2019 3:31 pm
by SBarnes
Just so long is it will work, which it appears it will, it will solve the problem.
All times are UTC + 10 hours [ DST ]
Page 2 of 2
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/