Webhooks let you register a URL that we will notify anytime an event happens in your account. When the event occurs—for example, when a ticket is created, Qminder sends a POST request to the URL.
Qminder uses uses a HMAC signature to help you authenticate all webhook requests. The signature is included in the request header with the key "X-Qminder-Signature".
The signature is created in these steps
- Assemble string using the webhook URL and body of the POST request (URL + body, in that order),
- Hash the string with HMAC-SHA256 (using your secret key),
- Hex digest the hashed string to get the signature.
If you wish to test this functionality for development, you should do it with RequestBin.
Simply create a new RequestBin and add the endpoint under Account -> Webhooks in the Qminder Dashboard.