Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 22 Next »

About webhooks

Webhooks enable Ondato to send you real-time notifications about changes in the status if your recourses. These are POST requests to your server that are sent as soon as event occurs. The body of the request contains resource information.

Security

Ondato uses HTTPS to send these notifications as a JSON payload.

Ordering

Ondato deliver events asynchronically. Therefore, you might receive them out of order and handle them accordingly.

Webhook IP Adresses

All webhook requests will come from the following IPs:

  • 20.31.227.231

  • 20.76.229.117

  • 20.76.229.248

  • 213.226.187.101

Please make sure that these IPs are whitelisted in order to receive webhook notifications.

Retry Logic

Upon sending a webhook notification, we are waiting for a success response for 30 seconds. Otherwise, if your endpoint does not respond, the webhook is queued for retry. We use an exponential backoff retry policy for event delivery. The attempt to resend the notifications is according to the following schedule on a best effort basis:

  • 10 seconds

  • 30 seconds

  • 1 minute

  • 5 minutes

  • 10 minutes

  • 30 minutes

  • 1 hour

  • 3 hours

  • 6 hours

  • Every 12 hours up to 24 hours

If the endpoint responds within 3 minutes, we will attempt to remove the event from the retry queue on a best effort basis but duplicates may still be received.

A small randomisation is added to all retry steps and may opportunistically skip certain retries if an endpoint is down for a long period o appears to be overloaded.

Maximum number of retry attempts is 30.

When Event Grid can't deliver an event within a certain time period or after trying to deliver the event a certain number of times the event is dropped.

How to start receiving webhooks

To start receiving event notifications into your application you need to go through the following steps:

  1. Identify the events you want to monitor. Please see a full list of events in a table below.

  2. Create a webhook endpoint as an HTTP endpoint on your local server.

  3. Handle requests from Ondato.

  4. Deploy your webhook endpoint so it would be publicly accessible HTTPS URL.

  5. Contact Ondato support team to register the publicly accessible HTTPS URL and a list of events you want to monitor.

Please note that we also support multiple URLs for sending webhooks.

Requirements for webhook endpoint

Ondato needs to know where to send information about events. In order to receive webhooks you need to create a webhook endpoint and provide us with the publicly accessible HTTPS URL that would meet the following criteria:

  1. URL format: https://<your-website-name>/<your-webhook-endpoint>.

  2. URL must support POST HTTP Method.

  3. URL must support one of the available authentication flows:

    1. basic - username, password.

    2. oAuth2 - clientID, clientSecret, tokenUrl.

Events sent by Ondato will have a body in the following contract:

Atrribute

Description

Id

Webhook ID.

ApplicationId

Internal ID that identifies you in Ondato system.

CreatedUtc

Date and time when webhook was generated.

DeliveredUtc

Date and time when webhook was delivered.

IsDelivered

Status of the webhook if it was delivered or not. Possible values are true/ false.

Payload

Depending on the webhpook type attribute, the payload always returns the same information you could obtain from the GET endpoint of the recourse. E.g. of the webhook type is KycIdentification.<<any event>> then payload will contain information you could retrieve from KYC

Type

Type of the webook. It contains of two parts:

  • Recourse, e.g. KycIdentification.

  • Event, e.g. Created.

Events

You can configure the following events to trigger a message to registered webhooks:

Wehook event

Webhook is triggered when:

Webhook example

Identity Verification (IDV) resource webhooks

IdentityVerification.Consented

User accepts consent agreement on new identification.

IdentityVerification.StatusChanged

IDV status changes.

KYC Identifiation recourse webhooks

KycIdentification.Created

KYC Identification step is started by the customer.

KycIdentification.Processed

KYC Identification is completed by the customer.

KycIdentification.Approved

KYC Identification identification is manually or automatically approved.

KycIdentification.Updated

document data of KYC Identification is updated in Ondato Portal.

KycIdentification.Rejected

KYC Identification is manually or automatically rejected.

KYB Identification resource webhooks

KybIdentification.Created

Customer finished filling in business onboarding form.

KybIdentification.Approved

All KYC identifications were approved and all registries checks were successfully validated.

KybIdentification.Rejected

Not all KYC identifications were approved and/or not all registries were successfully validated.

KybIdentification.Document.Created

KYB related document entity is created in the KYB identification with status “NeedReview”.

KybIdentification.Document.Uploaded

KYB related document file is uploaded to the document entity.

KybIdentification.Document.Updated

KYB related document is verified and status is changed from “NeedReview” to “Validated”/ “Invalidated”.

KybIdentification.Document.Deleted

KYB related document is deleted from KYB identification.

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.