The 1st method - Webhook Message Consumer
Overview
- This is the first way of communication:
- To register consumer and consume events of application domain services using message gateway
- Webhook API is following the REST API guidelines
- The event messages are supported by C# Contracts nuget package
- External cloud service can consume messages by Webhook channel
See more: OIDC/OAuth2 authentication
How to consume webhook message using message gateway
- Register MessageGateway consumer for data-agent using REST API
- Register consumer(s) for event(s) to consume filtered message queue(s) via Webhook URL
- Use HTTP client to obtain payload when a message is delivered
Webhook URL template
- Consumer webhook URL is provided by developer partner, e.g.
https://yourwebhookapi.com/webhook - It is recommended to use different URL for each stage (DEMO and PROD)
POST {webhookUrl}/{messageType}/{contractType}/{messageId}
| path variable | description |
|---|---|
| messageType | name of the message type (routing key) |
| contractType | name of the class/contract |
| messageId | unique id of the message |
Webhook request headers
Sample of request headers (shortened):
Authorization: Bearer ...
Content-Type: application/json; charset=utf-8
X-MessageSecurityCode: Dx_...
X-Tenant-Id: ...
X-UserClaim-Actort: ...
X-UserClaim-client_id: ...
X-UserClaim-iss: ...
X-UserClaim-locale: ...
X-UserClaim-orgs_codes: ...
X-UserClaim-sub: ...
X-UserClaim-tid: ...
X-UserClaimsExtended: ...
| header | description |
|---|---|
| Authorization | JWT token |
| X-MessageSecurityCode | The message security code for the message. |
| X-Tenant-Id | Tenant identification . |
| X-UserClaim-Actort | Person id (Actor) in JWT standard. |
| X-UserClaim-client_id | Client identification. |
| X-UserClaim-iss | Issuer |
| X-UserClaim-locale | Language and region code with RFC 5646, ISO-639-2. |
| X-UserClaim-orgs_codes | Selected organizations (organization.code) - Organization national number|Country code. |
| X-UserClaim-sub | UserId (SSO unique identifier). |
| X-UserClaim-tid | Name for selected TenantId. |
| X-UserClaimsExtended | Extended claims |
Sample of UserClaimsExtended request header (shortened):
[
{ "Key": "nbf", "Value": "..." },
{ "Key": "idp", "Value": "..." },
{ "Key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", "Value": "..." },
{ "Key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "Value": "..." },
{ "Key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", "Value": "..." },
{ "Key": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", "Value": "..." },
{ "Key": "tname", "Value": "..." },
{ "Key": "organizations", "Value": "..." },
{ "Key": "auth_orgs", "Value": "..." },
{ "Key": "auth_orgs_codes", "Value": "..." },
{ "Key": "jti", "Value": "..." },
{ "Key": "iat", "Value": "..." }
]
Webhook request body
Message is sent in HTTP body in JSON format.
Authorization
Each request to webhook consumer contains JWT token in Authorization header. JWT token is signed with RS256 algorithm. You can verify signature using modulus and exponent that you can get from configuration of identity provider.
OpenID configuration
https://[hostname]/api/asol/idp/.well-known/openid-configuration
Message acknowledgment and redelivery
Examples - OrderReleased scenario
Webhook URL
POST https://yourwebhookapi.com/webhook/ASOL.PlatformStore.OrderReleased/OrderReleased/c0eb0000-5dfe-0015-8604-08dbd6ef8bf7
| path variable | value |
|---|---|
| messageType | ASOL.PlatformStore.OrderReleased |
| contractType | OrderReleased |
| messageId | unique for each receive message |
Webhook headers
Authorization: Bearer ...
Content-Type: application/json; charset=utf-8
X-MessageSecurityCode: Dx_...
X-Tenant-Id: ASOLEU-DEV-fd9ad6b9-2f29-4c7a-9a3a-c7469e19b1ff
X-UserClaim-Actort: c042e6ad-f293-4e36-8266-574b665792ff
X-UserClaim-client_id: plaza-pass
X-UserClaim-iss: https://demo.avaplace.com/api/asol/idp
X-UserClaim-locale: cs-CZ
X-UserClaim-orgs_codes: 64949541|CZ
X-UserClaim-sub: 6388701d4a20a1c1bc1f0831
X-UserClaim-tid: ASOLEU-DEV-fd9ad6b9-2f29-4c7a-9a3a-c7469e19b1ff
X-UserClaimsExtended: [{"Key":"nbf","Value":"1698409522"},{"Key":"idp","Value":"local"},{"Key":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name","Value":"petr.tomala@assecosol.com"},{"Key":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress","Value":"petr.tomala@assecosol.com"},{"Key":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname","Value":"Petr"},{"Key":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname","Value":"Tomala"},{"Key":"tname","Value":"ASOLEU-DEV"},{"Key":"organizations","Value":"fff2d400-9838-4513-9c7b-535a03bd8c94"},{"Key":"auth_orgs","Value":"fff2d400-9838-4513-9c7b-535a03bd8c94"},{"Key":"auth_orgs_codes","Value":"64949541|CZ"},{"Key":"jti","Value":"9781FBFE8F78C7F7802F494947860804"},{"Key":"iat","Value":"1698409522"}]
Webhook body
{
"orderId": "b0588700-f3a2-4bde-bbb4-d2022bf7851e",
"productId": "98fa6110-ec8b-45a4-882f-b5a1e89812ca",
"vendorCode": "64949541|CZ"
}