Content of this article
- Preliminary Remarks
- Create and Activate Callbacks
- Example Header
1. Preliminary Remarks
What are Callbacks?
Callbacks make it possible to transfer information about defined events in the plenigo system to other systems basically in real time.
When integrating plenigo, it may be desirable for third-party systems receive information about events that occur in the plenigo system so that these third systems can perform actions accordingly. In this case, callbacks for certain events can be defined in the Merchant Backend. Creating and managing these callbacks takes place in the client.
Note on data protection:
When using most of the callback types, personal data is transferred to other systems. The receiving system can therefore be defined as an additional commissioned data processor from the perspective of the applicable jurisdiction. This should be taken into account when using callbacks.
You can find examples for payloads in the following entry:
2. Create and Activate Callbacks
Create a callback (without authentification)
-
Enter the URL of Webservice.
Once the URL has been entered, the checkbox Enabled can be ticked to activate the callback. - Select the Callback type using the drop-down menu (e. g. "Create customer").
- Save settings.
Create Callback (with authentification)
Note: We recommend using the security mechanism through authentifcation. |
- Activate Endpoint requires authentification checkbox.
-
Method 1: Authentification with user name and passwordBy using a basic authentification with a user name and password, the data transmission can be secured. In most cases, the receiving system defines the authentication data. When using the secured callback, the authentication data is included in every request from plenigo.
-
Method 2: Authentification with HTTP Header
HTTP headers can also be used for authentication against a service.To do this, enter one or more key-value pair(s).
After saving, the plenigo system automatically creates a callback secret for each callback which can be viewed by expanding the callback information.
3. Example Header
In the following example, both method 1 and method 2 have been used as security mechanism.
In the plenigo Mercahnt Backend, the settings look as follows:
The authentication is transmitted in the header of the callback. The bold values is the authentication data that has been set in the plenigo Merchant Backend.
Furthermore, each callback is signed with a plenigo-signature. The instruction on how to check the signature can be found in the following entry:
| Headers | |
|---|---|
| accept-encoding | gzip |
| x-plenigo-api-version | 20240827 |
| plenigo-signature | t=1729583536,s=fdcd0a0ccd0b4db629d35a33c3aada5cf669a28f91adb38abcc9ffcdb1663d38 |
| key | value |
| content-type | application/json |
| authorization | Basic cGxlbmlnb190ZXN0OjEyMzQ1Njc4OQ== |
| accept | application/json |
| content-length | 686 |
| user-agent | go-resty/2.15.3 (https://github.com/go-resty/resty) |
| host | webhook.site |
| php-auth-user | plenigo_test |
| php-auth-pw | xxxxxxx |