Skip to main content
Download OpenAPI

Webhooks types

You can configure your own webhooks that A-CUBE API will call when an event happens. To manage your endpoints you can use the API or the dashboard.

Security

To ensure that the transmission of the information to your public endpoints comes from A-Cube, you can:

Configure a secret token

Configure a secret token in the event destination resource to ensure that the requests sent to your endpoints are authenticated.

  • Choose authType = query to ask A-Cube to send the token as a query parameter.
  • Choose authType = header to ask A-Cube to send the token as a header.
  • Configure the token key authKey and the token value authToken in the event destination resource.

Examples

  • In case you chose header as authType, X-Token as authKey and mysecret as authToken, A-Cube will send the token in the header X-Token: mysecret
  • While in case you chose query as authType, token as authKey and mysecret as authToken, A-Cube will send the token in the query parameter ?token=mysecret

Create a webhook

POST /event-destinations

{
"event": "legal_entity.onboarding",
"target": "put your url here",
"delivery": "webhook",
"status": "active",
"authType": "header"|"query"|"none",
"authKey": "X-Auth",
"authToken": "asdfghjk"
}

Verify the signature

Verify the signature that A-Cube sends along with the request to your webhook as explained here.

CategoryWebhook TypeWhat it does
Onboardinglegal_entity.onboardingReceive information about legal-entity onboarding status
Invoiceinvoice.outboundReceive information about invoice processing stage
Invoiceinvoice.inboundReceive information when incoming invoice is received
Invoiceinvoice.statusReceive AFNOR statuses

Example

{
  "eventId": "019e91b7-f799-7df7-a469-4824b2656b0e",
  "eventType": "legal_entity.onboarding",
  "status": "ONBOARDED",
  "legalEntityUuid": "01990000-0000-7000-8000-000000000001"
}

All the messages sent to your endpoint are sent with a POST request. We manage sending the messages to your endpoints with a queue: if your endpoint fails (we don't get a 200 response) then the webhook will retry 15 times every 300 seconds with a back-off rate of 1.25 for a total of about 10 hours.

If you want to disable endpoints during an operation you can send header X-DisableEndpoints: true. This header takes effect when sending a new customer invoice or when importing customer or supplier invoices.

Last updated on