Webhooks and security
Our API supports asynchronous workflows through the configuration of webhooks. We recommend implementing them for a smoother experience!
Last updated
Our API supports asynchronous workflows through the configuration of webhooks. We recommend implementing them for a smoother experience!
Last updated
When using the Vumi Finlink API, you can configure a webhook to receive updates made to your applications' connections. These updates include:
First full import of a connection.
Manual and daily updates performed on the same connection.
Events such as the generation of restore and update tokens for the same connection.
To configure a webhook, go into App Settings -> App Client. There you'll find the webhook section, where you can introduce a valid URI to which we'll send webhook messages. This URI can't be pointing to localhost, and should use https.
To ensure that your application handles webhooks efficiently, it is critical to design it to handle duplicate and out-of-order webhook events. This can be achieved by
Ensuring idempotency in the actions taken upon receiving a webhook
Avoiding reliance on a particular order of webhook receipt when using webhooks to control application state
Webhooks can be missed if there is downtime longer than the retry period. To mitigate this, implement the following practices:
Allow your application to self-heal by querying our other API endpoints for status if a webhook is not received within a specified timeframe.
Ensure that any data present in webhooks is also available through our other APIs, providing a fallback mechanism.
To increase the reliability of your webhook handling, keep your webhook receiver as simple as possible. A good practice is to design a receiver that:
Writes the webhook to a queue or reliable store.
Responds quickly to avoid failed deliveries.
Minimizes the amount of processing done in the receiver to avoid being overwhelmed during spikes in webhook traffic.
