Create iModel events webhook - Webhooks

REST API Overview

Reference

Changelog

Webhooks

Download API definition:

Create iModel events webhook

POST https://api.bentley.com/webhooks/imodels

Event Types

Currently supported webhook event types:

iModelDeletedEvent
NamedVersionCreatedEvent
ChangeSetPushedEvent
ChangesetGroupCompletedEvent
ChangesReadyEvent

On webhook creation, webhook secret is being generated. Before forwarding an event to client, secret is used together with whole event body to generate HMAC-SHA256 signature which is included in Signature request header. Before doing anything with the received event client SHOULD use its own secret copy together with the event body and generate another signature on their end to validate the event source. If both signatures are the same, event SHOULD be accepted as valid one and ignored otherwise.

Expiration

When creating a webhook expiration date time CAN be specified after which the webhook will become deactivated. If expiration time is not specified, webhook expires automatically after 30 days.

Notes

Webhook deletion is not persisted after iModel deletion. When deleting an iModel make sure to delete related webhooks as well.

Authentication

Requires Authorization header with valid Bearer token for scope webhooks:modify.

For more documentation on authorization and how to get access token visit OAUTH2 Authorization page.

Request

Request headers

Authorization

Yes

OAuth access token with scope webhooks:modify

Yes

Setting to application/vnd.bentley.itwin-platform.v1+json is recommended.

Request body

Create Webhook (iModel events)

imodelId

String

Yes

Related iModel identifier.

eventTypes

String[]

Yes

List of requested event types.

callbackUrl

String

Yes

URL where webhook events will be sent.

expirationDateTime

String

Webhook expiration date and time. If not provided will default to 30 days after the request time.

secret

String

A secret string that is used for event signature validation. Will be auto-generated if not provided.

Example

json

{
    "imodelId": "00c76c84-7170-4962-9256-2fc6c2b28851",
    "callbackUrl": "https://some-event-callback.io/events",
    "expirationDateTime": "2021-06-07T08:27:42Z",
    "secret": "custom-secret-value",
    "eventTypes": [
        "iModelDeletedEvent",
        "NamedVersionCreatedEvent",
        "ChangesetPushedEvent",
        "ChangesetGroupCompletedEvent",
        "ChangesReadyEvent"
    ]
}

Response

Response 202 Accepted

The request has been accepted for processing.

json

{
    "webhook": {
        "id": "72a10fad-103d-4e23-9a43-a4ddf2ef61cc",
        "secret": "4eb25d308ef2a9722ffbd7a2b7e5026f9d1f2feaca5999611d4ef8692b1ad70d"
    }
}

Response headers

Location

The resource location

Response 401 Unauthorized

This response indicates that request lacks valid authentication credentials. Access token might not been provided, issued by the wrong issuer, does not have required scopes or request headers were malformed.

json

{
    "error": {
        "code": "HeaderNotFound",
        "message": "Header Authorization was not found in the request. Access denied."
    }
}

Response 404 Not Found

Specified iModel was not found.

json

{
    "error": {
        "code": "iModelNotFound",
        "message": "Requested iModel is not available."
    }
}

Response 422 Unprocessable Entity

The 422 (Unprocessable Entity) status code indicates that the request cannot be processed by the server due to a client error (e.g. malformed request syntax).

json

{
    "error": {
        "code": "InvalidCreateWebhookRequest",
        "message": "Cannot create a webhook. Make sure the request body is valid.",
        "details": [{
                "code": "MissingRequiredProperty",
                "message": "Required property is missing.",
                "target": "imodelId"
            },
            {
                "code": "MissingRequiredProperty",
                "message": "Required property is missing.",
                "target": "callbackUrl"
            },
            {
                "code": "MissingRequiredProperty",
                "message": "Required property is missing.",
                "target": "eventTypes"
            },
            {
                "code": "InvalidValue",
                "message": "Provided 'eventTypes' value is not valid. It must be an array and contain at least one event type.",
                "target": "eventTypes"
            },
            {
                "code": "InvalidValue",
                "message": "Provided 'eventTypes' value is not valid. It must contain at least one event type.",
                "target": "eventTypes"
            },
            {
                "code": "InvalidValue",
                "message": "'invalid-event-name' is not valid event type.",
                "target": "eventTypes"
            },
            {
                "code": "InvalidValue",
                "message": "Provided 'expirationDateTime' value is not valid. It must be a string in ISO-8601 format.",
                "target": "expirationDateTime"
            },
            {
                "code": "InvalidValue",
                "message": "Provided 'callbackUrl' value is not valid. It must start with 'https://'.",
                "target": "callbackUrl"
            },
            {
                "code": "InvalidRequestBody",
                "message": "Request body was not provided."
            }
        ]
    }
}

Response 429 Too many requests

This response indicates that the user has sent too many requests in a given amount of time.

json

{
    "error": {
        "code": "TooManyRequests",
        "message": "More requests were received than the subscription rate-limit allows."
    }
}

Response headers

retry-after

The number of requests exceeds the rate-limit for the client subscription.

Definitions

Create Webhook Response

Webhook creation response.

webhook.id

String

Globally unique identifier of the webhook.

webhook.secret

String

Random unique secret string that will be used to compute an HMAC digest for authorized content distribution.

Create Webhook (iModel events)

imodelId

String

Related iModel identifier.

eventTypes

String[]

List of requested event types.

callbackUrl

String

URL where webhook events will be sent.

expirationDateTime

String

Webhook expiration date and time. If not provided will default to 30 days after the request time.

secret

String

A secret string that is used for event signature validation. Will be auto-generated if not provided.

Error

Contains error information.

code

String

One of a server-defined set of error codes.

message

String

A human-readable representation of the error.

target

String, null

The target of the error.

Error Response

Gives details for an error that occurred while handling the request. Note that clients MUST NOT assume that every failed request will produce an object of this schema, or that all of the properties in the response will be non-null, as the error may have prevented this response from being constructed.

error

Error

Error information.