Webhooks
Webhooks that imin will call of your Broker in relation to Customer Management
Auth Set-up
To ensure that a webhook is being called by imin, we'll set up an API key that imin will use to call your API.
Note: This won't be the same as the API key that you use to call imin's API.
We'll pre-arrange this API key and then use it in our webhooks.
Please only allow calls with the known API Key.
Customer Detail Change
POST
https://yourapihere.com/path/of/your/choosing
Headers
X-Api-Key
string
imin's API Key for using your API
Request Body
@id
string
URL of the GET Customer Account endpoint for this customer
identifier
string
Customer Identifier
Example request:
This webhook will be called in the following cases:
Seller Account has been disconnected.
Customer details updated in a Seller Account.
Access Pass updated in a Seller Account.
Hidden Entitlement change in a Seller Account
Entitlement removal following rejected Evidence Request
When this webhook is received, call Get Customer Account in order to find out what has changed. A single webhook can indicate any number of the changes listed above, so it is recommended that all notifications are processed every time a webhook is received.
Webhooks that trigger user interaction are vulnerable to replay attacks. We advise, when processing a webhook request, storing the @id
of customer update notifications to prevent this.
Last updated