Webhook

Webhook is a provision in cidaas that allows executing business-specific requirements when specific events occur during registration or login.

cidaas provides a Webhook URL (the location of the client's Webhook receiver) and a key, both to be configured by the Administrator user.

cidaas provides the following pre-defined events:


// The comment after each entry describes that event.
1: "ACCOUNT_CREATED_WITH_CIDAAS_IDENTITY" //User registered via classic login.
2: "ACCOUNT_CREATED_WITH_SOCIAL_IDENTITY" //User registered via social login.
3: "ACCOUNT_DELETED" //User details deleted by admin
4: "ACCOUNT_MODIFIED" //User details modified by user/admin.
5: "ACCOUNT_EMAIL_VERIFIED" //User verified the email.
6: "ACCOUNT_MOBILE_NO_VERIFIED" //User verified the mobile no.
7: "ACCOUNT_ACTIVATED" //User activated by admin or user.
8: "ACCOUNT_DEACTIVATED" //User deactivated by admin or user.
9: "ACCOUNT_SOCIALIDENTITY_ADDED" //User registered with the same email id but a different provider.
10: "ACCOUNT_SOCIALIDENTITY_REMOVED" //User unlinked/removed the unused provider.
11: "ACCOUNT_CIDAASIDENTITY_ADDED" //User registered with the same email id via classic registration.
12: "ACCOUNT_CIDAASIDENTITY_REMOVED" //User unlinked the classic email id.
13: "PASSWORD_CHANGED" //User changed the password in user profile management.
14: "EMAIL_CHANGED" //User/admin changed the email id.
15: "PASSWORD_RESET" //User reset the password via email.
16: "COMBINED" //Combine/link the accounts if the user has two accounts with different email ids.
17: "LOGOUT" //Logout from the business.
18: "TOKEN_CHECKED" //Triggered after the token is checked, if the token is valid.
19: "TOKEN_RENEWED" //access_token renewed with refresh token.
20: "CODE_OBTAINED" //cidaas returns the code if the business requested responseType code in the authorization request.
21: "ACCESS_TOKEN_OBTAINED" //cidaas returns the code if the business requested responseType token in the authorization request.
22: "LOGIN_WITH_CIDAAS" //The user logged in with classic login.
23: "LOGIN_WITH_SOCIAL" //The user logged in with social login (Facebook, Google...).
24: "APP_CREATED" //New app created in cidaas.
25: "APP_MODIFIED" //App updated in cidaas.
26: "APP_DELETED" //App deleted in cidaas.
27: "GROUP_UPDATED" //The user mapped with group.
28: "LOGIN_FAILURE" //The user gave invalid credentials (username/password).
29: "ROLE_CREATED" //New role created in cidaas.
30: "ROLE_DELETED" //Role removed from cidaas.
31: "SOCIAL_PROVIDER_ENABLED" //Social provider enabled in cidaas.
32: "SOCIAL_PROVIDER_DISABLED" //Social provider disabled in cidaas.
33: "GROUP_FIRST_ADMIN_ADDED" //New or existing user added to the particular group if no users are mapped to that group and the makeFirstUserAsAdminInGroup flag is enabled at tenant level
34: "GROUP_ADMIN_ADDED" //New or existing user added into the particular group with GROUP_ADMIN role
35: "GROUP_NEW_USER_ADDED" //New or existing user added into the particular group
36: "INVITE_USER" // Invite a new user into cidaas
37: "INVITE_ACCEPTED" // User registered via invite flow
38: "GROUP_USER_ROLE_UPDATED" //User role updated
39: "GROUP_USER_REMOVED" // User role removed
40: "DEVICE_CREATED" // Device created in access control
41: "DEVICE_UPDATED" // Device updated in access control
42: "DEVICE_DELETED" // Device deleted in access control
43: "GROUP_CREATED" //Group created in cidaas
44: "GROUP_DELETED" //Group deleted in cidaas
45: "SMS_SENT" //Sent when the user verifies the mobile number or verifies multi-factor authentication
46: "EMAIL_SENT" //Sent when the user verifies the email or verifies multi-factor authentication
47: "SCOPE_CREATED" //Scope created in cidaas
48: "SCOPE_UPDATED" //Scope updated in cidaas
49: "SCOPE_DELETED" //Scope deleted in cidaas
50: "REGISTRATION_FIELD_CREATED" //Registration Field created in cidaas
51: "REGISTRATION_FIELD_UPDATED" //Registration Field updated in cidaas
52: "REGISTRATION_FIELD_DELETED" //Registration Field deleted in cidaas
53: "GROUP_TYPE_CREATED" //Group type created in cidaas
54: "GROUP_TYPE_UPDATED" //Group type updated in cidaas
55: "GROUP_TYPE_DELETED" //Group type deleted in cidaas
56: "HOSTED_PAGE_CREATED" //Hosted Page created in cidaas
57: "HOSTED_PAGE_UPDATED" //Hosted Page updated in cidaas
58: "HOSTED_PAGE_DELETED" //Hosted Page deleted in cidaas
59: "TEMPLATE_UPDATED" //Template updated in cidaas
60: "CUSTOM_TEMPLATE_CREATED" //Custom template created in cidaas
61: "CUSTOM_TEMPLATE_UPDATED" //Custom template updated in cidaas
62: "CUSTOM_TEMPLATE_DELETED" //Custom template deleted in cidaas
63: "WEBHOOK_CREATED" //Webhook created in cidaas
64: "WEBHOOK_UPDATED" //Webhook updated in cidaas
65: "WEBHOOK_DELETED" //Webhook deleted in cidaas
66: "CAPTCHA_CREATED" //Captcha created in cidaas
67: "CAPTCHA_UPDATED" //Captcha updated in cidaas
68: "PROFILE_IMAGE_UPDATED" //Profile Image updated in cidaas
69: "PROFILE_IMAGE_REMOVED" //Profile Image removed in cidaas
70: "MFA_REQUIRED" //MFA Required in cidaas
71: "USER_REGION_STARTED" //User region started in cidaas
72: "USER_REGION_IN_PROGRESS" //User Region In progress in cidaas
73: "USER_REGION_ENDED" //User Region ended in cidaas
74: "PHYSICAL_VERIFICATION_CONFIG" //User configured a physical verification method such as Email, SMS, FACE...
75: "PHYSICAL_VERIFICATION_REMOVED" //User removed a physical verification method such as Email, SMS, FACE...
76: "PHYSICAL_VERIFICATION" //User used a physical verification method such as Email, SMS, FACE...

Create Webhook

1. Click “Create Webhook” button.

2. Select the Webhook events from the drop down.

3. Enter the Webhook URL.

4. Enter the Webhook API-Key.

5. Click the “Save Changes” button; a message window pops up: “Webhook Saved Successfully”.

6. Click the “OK” button; the Webhook grid table is displayed.

Edit Webhook Template:

1. From the created Webhooks, click on the Edit Template icon.

2. Make the appropriate changes.

3. Click “Save” button.

Delete Webhook Template:

1. From the created Webhooks, click on the delete icon.

2. A confirmation window pops up to delete the Webhook.

3. Click “YES” button to confirm the delete or click “NO” button to cancel the delete.

Client Webhook Receiver Implementation

The Client Webhook receiver needs to handle the following:

1. Receive the event and acknowledge the cidaas Webhook event.

2. Get Access Token.

3. Get User Info.

4. Handle the Event Types.

Receive the event and acknowledge the cidaas Webhook: Parse the payload from the cidaas Webhook event and respond with 200 OK; if not, the event will appear in the failed Webhooks report.

Get Access Token: Use your Non-Interactive Client application's client_id and client_secret to obtain the access_token from cidaas.

Let us see how, using a sample Node.js application.

TokenResolver.js

var request = require('request');

var getAccessToken = (config, callback) => {

    var options = {
        uri: config.token_url,
        form: {
            grant_type: 'client_credentials',
            client_id: config.client_id,
            client_secret: config.client_secret
        }
    };

    request.post(options, (error, response, body) => {
        if (error) {

            callback({
                error: error
            });
            return;
        }
        if (body && typeof body == "string") {
            try {
                body = JSON.parse(body);
                callback({
                    error: null,
                    data: body
                });
                return;
            } catch (error) {
                console.log("error while parsing");
            }
        }
        callback({
            error: "error while getting token info"
        });
    });

};

module.exports = {
    getAccessToken: getAccessToken
};

Get User Info

UserInfoResolver.js

var request = require('request');

var getUserInfo = (config, userId, access_token, callback) => {

    var options = {
        uri: config.userinfo_url + "/" + userId,
        headers: {
            "access_token": access_token,
            "content-type": 'application/json'
        }
    };

    request.get(options, (error, response, body) => {
        if (error) {

            callback({
                error: error
            });
            return;
        }
        if (body && typeof body == "string") {
            try {
                body = JSON.parse(body);
                callback({
                    error: null,
                    data: body
                });
                return;
            } catch (error) {
                console.log("error while parsing");
            }
        }
        callback({
            error: "error while getting user info"
        });
    });

};

module.exports = {
    getUserInfo: getUserInfo
};

Handle the Event Types

WebhookHandlerController.js

var HttpStatus = require('http-status-codes');
var request = require('request');
var async = require('async');
var tokenResolver = require.main.require("./Model/TokenResolver.js");
var userInfoResolver = require.main.require("./Model/UserInfoResolver.js");

var cidaasConfig = require.main.require("./Resources/conf/cidaas-service.json");

module.exports = function (app) {

    /**
     * Sample Body JSON 
     {

        "eventtype":"ACCOUNT_CREATED_WITH_CIDAAS_IDENTITY",

        "userId":"09874dac-f3bc-422a-b169-786f2a079157",

        "createTime":1472451637774,

        "providerName":"Facebook",

        "client_id":"5a5a0a92511f46a58e505d223e0eddb4"

    }
     */
    app.post("/receiver", function (req, res) {
        var requestData = req.body;
        async.parallel({
            handlewebhook: function (callback) {

                try {
                    tokenResolver.getAccessToken(cidaasConfig, (tokenResponse) => {
                        if (tokenResponse.error) {
                            callback(null, {
                                error: tokenResponse.error,
                                status: HttpStatus.INTERNAL_SERVER_ERROR
                            });
                            return;
                        }
                        userInfoResolver.getUserInfo(cidaasConfig, requestData.userId, tokenResponse.data.access_token, (userInfo) => {
                            if (userInfo.error) {
                                callback(null, {
                                    error: userInfo.error,
                                    status: HttpStatus.INTERNAL_SERVER_ERROR
                                });
                                return;
                            }

                            switch (requestData.eventtype) {
                                case "ACCOUNT_CREATED_WITH_CIDAAS_IDENTITY":
                                case "ACCOUNT_CREATED_WITH_SOCIAL_IDENTITY":
                                    console.log("New user created in cidaas ");
                                    console.log(userInfo);

                                    callback(null, {
                                        data: "New user created in cidaas ",
                                        status: HttpStatus.OK
                                    });
                                    break;

                                case "LOGIN_WITH_CIDAAS":
                                case "LOGIN_WITH_SOCIAL":
                                    console.log("User logged in Cidaas ");
                                    console.log(userInfo);
                                    callback(null, {
                                        data: "done",
                                        status: HttpStatus.OK
                                    });
                                    break;

                                default:
                                    console.log("Un handled events ");
                                    callback(null, {
                                        data: "done",
                                        status: HttpStatus.OK
                                    });
                                    break;
                            }
                        });
                    });

                } catch (error) {
                    // Report the caught exception; userInfo is not in scope here.
                    callback(null, {
                        error: error,
                        status: HttpStatus.INTERNAL_SERVER_ERROR
                    });
                }
            }
        }, function (error, results) {
            if (results.handlewebhook.status == HttpStatus.OK) {
                return res.status(results.handlewebhook.status).send(results.handlewebhook.data);
            } else {
                return res.status(results.handlewebhook.status).end();
            }
        });
    });


};

Note: On the receiver side, you must use @JsonIgnoreProperties(ignoreUnknown=true) if you are using strict JSON parser validation.
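
The sample receiver above acts on any POST to /receiver and appends the body's userId to userinfo_url unchecked. The following is an added example, not part of the cidaas sample, of validating a request before doing any work. The header name x-webhook-apikey, the helper names, and the rule that every userId is a UUID (as in the sample body) are assumptions; confirm how your tenant actually delivers the Webhook API-Key.

```javascript
// Added example (not cidaas code): validate a webhook request before acting on it.
const crypto = require('crypto');

// Assumption: the configured Webhook API-Key arrives in this request header.
// The header name is hypothetical; check what your tenant actually sends.
const API_KEY_HEADER = 'x-webhook-apikey';

// The events this receiver does work for (taken from the handler's switch).
const HANDLED_EVENTS = new Set([
    'ACCOUNT_CREATED_WITH_CIDAAS_IDENTITY',
    'ACCOUNT_CREATED_WITH_SOCIAL_IDENTITY',
    'LOGIN_WITH_CIDAAS',
    'LOGIN_WITH_SOCIAL'
]);

// Assumption: userId is always a UUID, as in the sample body. Anything else
// is rejected so it cannot alter the path when appended to userinfo_url.
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Constant-time comparison; hashing first yields equal-length buffers.
function apiKeyMatches(presented, expected) {
    if (typeof presented !== 'string' || typeof expected !== 'string') return false;
    const a = crypto.createHash('sha256').update(presented).digest();
    const b = crypto.createHash('sha256').update(expected).digest();
    return crypto.timingSafeEqual(a, b);
}

// Returns { status, event }: the HTTP status to send and the event to process, if any.
function validateWebhook(headers, body, expectedKey) {
    if (!apiKeyMatches(headers[API_KEY_HEADER], expectedKey)) {
        return { status: 401 };
    }
    if (!body || typeof body.eventtype !== 'string') {
        return { status: 400 };
    }
    if (!HANDLED_EVENTS.has(body.eventtype)) {
        // Acknowledge so it stays out of the failed Webhooks report, but do no work.
        return { status: 200, event: null };
    }
    if (typeof body.userId !== 'string' || !UUID_RE.test(body.userId)) {
        return { status: 400 };
    }
    return { status: 200, event: { type: body.eventtype, userId: body.userId } };
}
```

In the handler, call validateWebhook(req.headers, req.body, configuredKey) first and only request a token and user info when event is non-null.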


