The first step to adding webhooks to your Indent integration is to build your own custom endpoint. Creating a webhook endpoint on your server is no different from creating any page on your website. With PHP, you might create a new .php file on your server; with a Ruby framework like Sinatra or Rails, you would add a new route.
We recommend considering a serverless or containerized option and a dedicated cloud account for additional levels of security isolation. Check out the Okta webhook as an example.
Webhooks should first verify the request is valid before handling any requests, then check if there's available logic to process the request and respond with a 200 HTTP status code. Here's an example in pseudocode of how Indent webhooks are structured:
Indent signs all webhook requests it sends to your endpoints with a unique signature in the
X-Indent-Signature header. This signature lets you verify that requests are from Indent and not a third party. You can verify signatures with Indent's official library, or manually using your own solution.
Indent requests also include an
X-Indent-Timestamp header to provide an extra layer of certainty when it comes to the timeliness of requests, to mitigate time replay attacks.
There are two kinds of webhooks:
- Change management — these webhooks receive Command Events like
access/revoketo provision or deprovision access in a remote system.
- Pull update — these webhooks receive a list of Resource Kinds like
myapp.v1.Adminand respond with a list of API objects to update as Resources in your Space.
Looking for a specific provider? Use one of our pre-built sample webhooks to get started.
Here is the starting point of a sample change management webhook:
Looking for a specific provider? Download one of our pre-built sample webhooks to get started.
Here is the starting point of a sample pull update webhook: