Two GET operations and three POST operations are present under Webhook Subscription. These are the API for the client to consume and subscribe to the webhooks.
Get All Webhook Subscriptions - use this to get a list of all available webhooks you can subscribe to.
Get Webhook Subscriptions - use this to get more details for a single kind of subscription.
Path /WebHookSubscription/GetAllWebhookSubscriptions
Type: GET
Function: Returns a list of all Webhook Subscriptions
No parameters required
Expected Response – list of subscriptions in the following format:
Path: /WebHookSubscription/GetWebhookSubscription
Type: GET
Function: Returns detail of a specific Webhook Subscription
Parameter to set: webhookSubscriptionGUID
Parameter values: GUID value present in GUID column of tblWebhookSubscriptions table.
Expected Response – a single subscription in the following format:
Response Code: 200 :
Expected Response in case of invalid GUID: Response Code:400 - Bad Request The response should contain the below message: ‘The request is invalid’ Request:
Subscribe to Webhook - use this to subscribe to an individual webhook.
Update Webhook Subscription - use this to update an existing subscription to an individual webhook
Unsubscribe - use this to permanently delete an existing subscription for an individual webhook.
Path: /WebHookSubscription/SubscribeToWebhook
Type: POST
Function: Used to create a new subscription and the API returns the details of newly created
Webhook Subscription
Parameters:
Expected Response: Response Code:200 Expected Response – subscription data in the following format:
Note: The subscriber URL is the address of the client that will receive the webhook messages. We can use https://webhook.site/ to get the subscriber URL.
The signature should be added by the server when the subscription is created and then included in the webhook messages which are sent out.
Parameters and response as for SubscribeToWebhook plus the GUID of the WebHookSubscription to update
Takes a Webhook subscription GUID as the only parameter.
Permanently deletes a subscription from the database.
A GET API called Simulate Event is present under Webhook Test.
Parameter: any valid webHookSubscriptionGUID
Creates a test WebHook message for a provided webHookSubscriptionGUID
When an unauthorized request is sent, the APIs need to show a message stating ‘Authorization has been denied for this request’. Below is the response in case of an unauthorised request:
Quick steps to vaidate authorization:
Open the Swagger UI
Do not login to the test instance
Send a request with all the valid details
API throws an error saying Authorization has been denied
Login to the test instance
Retry the same request
API returns successful response as the request is authorized.
When an invalid request is submitted, the APIs need to return 400-Bad Request Error and display a message stating, ‘The request is invalid’. Below is the response in case of invalid requests:
General scenarios where bad request error is seen are mentioned below:
Wrong/Incorrect GUID values
Syntax errors in the Request json
Non existing values