๐Ÿช

Web hooks

ย 
Creating a webhook endpoint is the same thing as creating any other page on your website. Itโ€™s an HTTP or HTTPS endpoint on your server with a URL. Please ensure that your endpoint is HTTPS when setting it up.
Set up an HTTP endpoint on your server that can accept webhook requests with a POST method. For example, this UR route in Flask maps to a Python webhook function:
How do I receive webhook data?
  1. Authenticate a user (Authentication Flow)
  1. Make sure your webhook URL is correct
๐ŸŽ‰ย Thatโ€™s it!

Webhook Signing

Kaedim will, in all requests made to your webhook, include a header kaedim-signature, which will contain a hash value unique to the request and developer ID.
The signature secret - KAEDIM SECRET - can be found in user settings next to your developer ID and API-key and can be reset at any time.
Make sure to use utf-8 encoding for the payload, and to use HEX digest for the hashing function
ย 
Example of signature verification:
๐Ÿ—’๏ธ
Please note that the following code is Node.js
const secret = "Api-Secret"; const payload = JSON.stringify(response.body); console.log(response.body.result); const devID = response.body.results.devID; const signature = JSON.parse(response.headers["kaedim-signature"]); /* { ย  t : 1235678, ย  v1:80e62bdd6bddf54905d3cd6e13940626e16aedd.... }*/ const checkSignature = crypto .createHmac("sha256", secret) .update(`${signature.t}${payload}`) .digest("hex"); if ( crypto.timingSafeEqual( Buffer.from(signature.v1), Buffer.from(checkSignature) ) ) { // Authenticity confirmed console.log("SUCCESS"); } else { // Reject response console.log("FAIL"); }
ย 
ย 

ย