Webhook Communication
Last updated: 29 April 2020
Location
Dashboard > Select {Account} > Settings > Communication settings > Update communication settings > Configure ‘Webhook’
Trend Micro Cloud One™ – Conformity supports notifications sent via a custom webhook channel. These notifications will be sent to user-created channels with all relevant users receiving the notifications.
- Click on Create a Webhook channel.
- Set automatic notifications.
- Configure Triggers.
- Configure now will allow the addition of a Webhook channel using the following parameter
- Webhook URL: Make sure that you enter a secure Webhook URL with ‘https’
- URL cannot begin with http:// (only https://)
- URL cannot contain localhost
- URL cannot contain an IP address
-
Webhook Security Token
**Any non-base64 characters will not be accepted
Validating payloads from Conformity If you decide to set the optional security token, Conformity uses it to create a hash signature with each payload.The hash signature is passed along with each request to the url you have specified in the headers as X-Conformity-Signature.
The idea is to compute a hash using your provided security token, and ensuring that the hash from our end matches with your end. The hash signature is generated from Conformity and uses HMAC hexdigest (sha-256) so you could set up your server similar to this example below:
const signatureHash = request.headers["X-Conformity-Signature"];
const hmac = crypto.createHmac("sha256", YOUR_SECURITY_TOKEN);
const digest = Buffer.from(
hmac.update(JSON.stringify(PAYLOAD_BODY)).digest("hex")
);
const checksum = Buffer.from(signatureHash, "utf8");
if (
checksum.length !== digest.length ||
!crypto.timingSafeEqual(digest, checksum)
) {
console.log(
Request body digest (${digest}) did not match X-Conformity-Signature (${checksum})
);
throw new Error("Hashes do not match!");
}
console.log("Hashes match!");
Once the channel creation is successful, you will be able to see the Webhook channel from your Communication Settings.