With Webhooks, you can receive real-time updates on connector sync statuses, as well as notifications whenever HRIS data is created or modified. This ensures you stay up-to-date with the latest changes and maintain accurate, synchronized information across your systems, enhancing your workflow efficiency and data reliability.
To create webhooks follow the intructions up ahead!
Step 1: Navigate to the “Webhooks” section from the sidebar under the “Configure” menu.
Step 2: In the “New webhook” section, enter the destination URL where you want to receive the webhook notifications in the “Destination URL” field.
Step 3: Optionally, click the “Test URL” button to ensure that your destination URL is correctly set up and can receive test data.
Step 4: Provide a meaningful name for your webhook in the “Webhook Name” field. For example, “Employee data.”
Step 5: Choose the events for which you want to receive notifications by selecting the appropriate checkboxes:
Sync start: Receive an alert when a connector’s sync starts.
Sync error: Get notified when a connector sync fails.
Sync completed: Get notified when a connector sync job is successful.
Employee model change: Receive an alert when any employee data is modified.
Data model change: Receive an alert when any data model is modified.
Step 6: Once you have filled in all the required fields and selected the notification triggers, click the “Create webhook” button to save your webhook configuration.
To secure your API endpoint, ensure it verifies that POST requests are genuinely from Bindbee and not from a malicious source, and that payloads haven’t been tampered with during transit.
You can achieve this by checking if the X-Bindbee-Webhook-Signature field in the request header matches an encoded combination of your organization’s unique webhook signature and the payload of the incoming request.
In the Webhooks configuration page, you should find a Security section where you can access your signature key. This key is unique to your organization and can be regenerated if it becomes known to an unauthorized party.
import base64import hashlibimport hmac# Replace 'YOUR_WEBHOOK_SIGNATURE_KEY' with the actual key from:# https://app.bindbee.dev/webhookssignature_key = "YOUR_WEBHOOK_SIGNATURE_KEY"request_body = request.body# Ensure the presence of a signature header in the requestif "X-Bindbee-Webhook-Signature" not in request.headers: print('Signature header missing; request may not be from Bindbee.') raise# Retrieve the signature header from the requestreceived_signature = request.headers["X-Bindbee-Webhook-Signature"]# Convert the key and request body to byteskey_bytes = signature_key.encode("utf-8")body_bytes = request_body.encode("utf-8")# Create an HMAC digest using SHA-256hmac_digest = hmac.new(key_bytes, body_bytes, hashlib.sha256).digest()# Encode the digest to base64encoded_digest = base64.urlsafe_b64encode(hmac_digest).decode()# Use `hmac.compare_digest` to compare the computed digest with the received signaturesignature_valid = hmac.compare_digest(encoded_digest, received_signature)
The webhook logs are easily visible on the webhooks tab at Bindbee dashboard.
The specific webhook logs will be visible on the individual webhook page.