| ID | NFR-2006 |
|---|---|
| Name | Keelvar WebHook Registration and Orchestration |
| Author | Richard McArthur ( richard.mcarthur-ext@syensqo.com ) |
| Approver | Sascha Wenninger ( sascha.wenninger-ext@syensqo.com ) |
Several single execute processes need to be completed before Keelvar is able to communicate effectively with SAP Cloud Integration Suite, because of the single execution nature of these calls (for registration) they are being considered as technical configuration but doesn't form part of official configuration documents as they are required only by the Syensqo integration build to facilitate integration.
A single execution of a authenticated webservice hosted by Keelvar outlining the what/where/when of the expected notifications is set out in the below table with sample calls using POSTMAN (screenshots) for clarity. Keelvar has a well documented API's - https://docs.keelvar.app/webhook-api/docs/apis/ to use an official reference guide to all functiionality.
{
"url": "https://dev-api.syensqo.com/status",
"name": "AwardFeed",
"description": "All WebHook SCPI DEV",
"triggers": [
"AWARD_FEED_UPDATED","JOB_UPDATED","SOURCING_EVENTS_FEED_UPDATED"
],
"signing_alg": "HMAC_SHA256",
"signing_key": "tEnAvVNFx4YYTnAimo1ABwtfGNyndEM7yZwh8BZ4BrI="
}
|
Elements of the registration URL
| JSON Component | Value | Context | Comments |
|---|---|---|---|
| url | https://dev-api.syensqo.com/status | APIM endpoint and entry point into Syensqo Integration Landscape | This endpoint is exposed with no traditional Authentication |
| name | AwardFeed | Unique identifier in Keelvar | Simple descriptive name for labeling purpose only |
| description | All WebHook SCPI DEV | More information on the individual webhook | Simple description can be blank |
triggers | AWARD_FEED_UPDATED","JOB_UPDATED","SOURCING_EVENTS_FEED_UPDATED | Registration of "WHEN" this hook will be triggered in Keelvar | Keelvar triggering events |
signing_alg | HMAC_SHA256 | signing algorithum | |
signing_key | tEnAvVNFx4YYTnAimo1ABwtfGNyndEM7yZwh8BZ4BrI= | Initial "seeding" of signing key → this is not the actual signing key | real signing key is returned in the response from Keelvar |
{
"uuid": "e8309c18-4437-45d7-bc8c-0bbe137db54e",
"name": "AwardFeed",
"description": "All WebHook SCPI DEV",
"url": "https://dev-api.syensqo.com/status",
"triggers": [
"AWARD_FEED_UPDATED",
"JOB_UPDATED",
"SOURCING_EVENTS_FEED_UPDATED"
],
"signing_alg": "HMAC_SHA256",
"signing_key": "0006f99f3e831ae640596b119d85c3f097620c147296c8d2d2f1a022348ec621"
} |
| JSON Component | Value | Context | Comments |
|---|---|---|---|
| uudi | e8309c18-4437-45d7-bc8c-0bbe137db54e | Keelvar UUID of registered webhook | Used for other operations like delete |
name | AwardFeed | confirmation | |
description | All WebHook SCPI DEV | confirmation | |
url | https://dev-api.syensqo.com/status | confirmation | |
triggers | "AWARD_FEED_UPDATED", "JOB_UPDATED", "SOURCING_EVENTS_FEED_UPDATED" | trigger confirmation | |
signing_alg | HMAC_SHA256 | confirmation | |
signing_key | 0006f99f3e831ae640596b119d85c3f097620c147296c8d2d2f1a022348ec621 | actual signing key that will be used moving forward for messages propogated by this webhook | This will be used to decrypt all future inbound webhook traffic to confirm it is legitimate |
The returned signing key is stored in APIM for verification of future traffic - as this is an open service on the internet this verification step is crucial to secure operation.
Note - HTTP Verb (DELETE) and the URL is pathed to the UUID of the webhook
Note - HTTP Verb (GET), Results returned are similar to original registration response but WITHOUT the signing key
