Overview
Egnyte has made it easier for its users to stay updated with important changes in their files and data through webhooks. Webhooks integration enables sending notifications automatically when certain events happen.
Egnyte has two main products that use these webhooks:
- Collaborate (Known as Connect in the webhooks repository)
- Secure & Govern (Known as Protect in the webhooks repository)
Both Connect and Protect use the same webhooks repository. Whenever an event occurs in either of these products, a webhook sends a notification accordingly. For instance, webhooks can be set up when a particular file is copied or deleted. The server added in the URL field will receive the events from the Webhook.
Prerequisites
- Only the admins can register a webhook
- Authorization token must be generated using the associated OAuth scopes in advance.
- Customer’s server should always be in the active state during the entire Webhooks lifecycle.
Event Types
Collaborate (Connect)
-
fs (File System):
- This is the most commonly used event type for Connect.
- Events related to changes in the file system, such as adding, updating, deleting, moving, copying, and renaming files and folders.
- For example - fs:add_file event will generate notifications for the user(s) whenever a new file is added in the given URL.
-
Comment:
- Events related to comments on files or folders, such as setting or removing comments.
- Example - comment:set_comment event will generate notifications for the user(s) whenever a comment is added on the provided file link.
-
Link:
- Events related to shared links, such as creating or deleting shared links.
- Example - link:create_download_link event will generate a notification whenever a new download link is created for the users.
-
meta (Metadata):
- Events related to metadata on files or folders, such as adding, updating, and deleting metadata keys.
- Example - meta:add_metadata_key event will trigger notification when metadata key is added to the provided URL.
-
Permissions:
- Events related to folder permissions, such as when permissions are changed.
- Example - permission:permission_change is the event that will trigger a notification when the permission on the specified folder is changed.
Secure & Govern Issues (Protect)
-
Create:
- This event type can be used when a new issue is created.
-
Modify:
- These are the events which can be used in scenarios when an existing issue is modified.
-
Delete:
- This event type can be used when an issue is deleted.
A webhook can be configured to include one or multiple events in a single webhook.
Sample Collaborate Webhook
Steps to Create Webhooks via POST
- Complete the authentication steps before creating the webhook.
- Create a webhook via POST by registering webhook.
- The response will appear as shown below.
- Following is the payload of the webhook to the receiver
- The webhook returns the data of the file that was added to the directory. It lists the GroupID which is the unique ID of the file that the receiver can use in order to move the file. The following command shows the GroupID to move the file into another location:
Sample S&G Webhook
- Complete the authentication steps before creating the webhook.
- Register a webhook - Here is an example POST command to register.
- The response will appear as shown below.
- The screen below shows the example webhook received from S&G
- With this webhook, it will be possible to know the issue with the unique issueID and the action can be taken on the issue accordingly. In this example the webhook has notified that an Unused group has been created.
Using sites like webhook.site for webhook registration is inherently unsafe. There are multiple security concerns involved, including but not limited to: confidentiality of the data, confidentiality of any credentials provided to the site, and a potential API abuse by a malicious attacker. Egnyte discourages using such sites.
Webhook Disabling Automation
- The retry mechanism tries to send the request 4 times to the client-server (A total of five requests are made including the original request). If there is no proper acknowledgment for these attempts from the client-server, the client webhook is disabled.
-
Conditions for a proper acknowledgment-
- The response should have a code less than 400.
- There is a timeout of 3 secs and the response is expected within this time frame.
Limitations
-
Currently, there is a limit of 10 webhooks for Connect and 3 for Protect per domain.