Webhook Payload

Headers

X-Retry-Count - String

X-Freshchat-Payload-Version - String

X-Freshchat-Signature - String


Events

  1. message_create
  2. conversation_assignment
  3. conversation_resolution
  4. conversation_reopen


actor_type - user, agent, system

Message_type - normal, private


message_create


<span style="font-family: Helvetica Neue;"><span style="font-size: 14px;">{<span class="fr-marker" data-id="0" data-type="false" style="display: none; line-height: 0;"></span><span class="fr-marker" data-id="0" data-type="true" style="display: none; line-height: 0;"></span>
"actor" : {
"actor_type" : "user" ,
"actor_id" : "dbec0910-b4d6-4d81-8015-81f560a918de"
},
"action" : "message_create" ,
"action_time" : "2018-10-19T10:16:08.013Z" ,
"data" : {
"message" : {
"msg_parts" : [{
"properties" : {
"text" : "USER MESSAGE - from postman"
},
"part_type" : "text"
}],
"app_id" : "11de8840-6ce8-48ac-a418-7c2ae81a1b57" ,
"user_id" : "dbec0910-b4d6-4d81-8015-81f560a918de" ,
"id" : "ec0d0db6-55cc-46c7-aaa3-86ad1d9f8e39" ,
"channel_id" : "5c4d5425-e0e4-47be-a77d-cf81b9d34803" ,
"conversation_id" : "11de8840-6ce8-48ac-a418-7c2ae81a1b57_dbec0910-b4d6-4d81-8015-81f560a918de_feedback" ,
"message_type" : "normal" ,
"actor_type" : "user" ,
"created_time" : "2018-10-19T10:16:07.973Z"
}
}
}</span></span>


conversation_reopen


<span style="font-family: Helvetica Neue;"><span style="font-size: 14px;">{
"actor" : {
"actor_type" : "agent" ,
"actor_id" : "41c85e6d-cf41-4275-904d-545849e6f22b"
},<span class="fr-marker" data-id="0" data-type="false" style="display: none; line-height: 0;"></span><span class="fr-marker" data-id="0" data-type="true" style="display: none; line-height: 0;"></span>
"action" : "conversation_reopen" ,
"action_time" : "2018-10-22T15:31:41.858Z" ,
"data" : {
"reopen" : {
"reopener" : "agent" ,
"reopener_id" : "41c85e6d-cf41-4275-904d-545849e6f22b" ,
"conversation" : {
"conversation_id" :"b6aa207e-b55a-4499-a6ab-f6393c44c68c_1154966d-9840-4b3d-b46e-6a3cf72af093_feedback" ,
"app_id" : "b6aa207e-b55a-4499-a6ab-f6393c44c68c" ,
"status" : "reopen" ,
"assigned_agent_id" : "5cf047ca-e453-4d2e-9fba-46da60708e87"
}
}
}
}</span></span>


conversation_resolution


<span style="font-family: Helvetica Neue;"><span style="font-size: 14px;">{
"actor" : {
"actor_type" : "agent" ,
"actor_id" : "41c85e6d-cf41-4275-904d-545849e6f22b"
},
"action" : "conversation_resolution" ,
"action_time" : "2018-10-22T15:32:15.438Z" ,
"data" : {
"resolve" : {
"resolver" : "agent" ,
"resolver_id" : "41c85e6d-cf41-4275-904d-545849e6f22b" ,
"conversation" : {
"conversation_id" : "b6aa207e-b55a-4499-a6ab-f6393c44c68c_1154966d-9840-4b3d-b46e-6a3cf72af093_feedback" ,
"app_id" : "b6aa207e-b55a-4499-a6ab-f6393c44c68c" ,
"status" : "resolve"
}
}
}
}</span></span>


conversation_assignment


<span style="font-family: Helvetica Neue;"><span style="font-size: 14px;">{
"actor" : {
"actor_type" : "agent" ,
"actor_id" : "41c85e6d-cf41-4275-904d-545849e6f22b"
},
"action" : "conversation_assignment" ,
"action_time" : "2018-10-22T15:33:10.917Z" ,
"data" : {
"assignment" : {
"assignor" : "agent" ,
"assignor_id" : "41c85e6d-cf41-4275-904d-545849e6f22b" ,
"to_agent_id" : "41b3e2f0-557a-4487-8e7f-bb9afdd23cf6" ,
"to_group_id" : "68ec7949-d092-4c54-b1d1-1f598f138f45" ,
"from_agent_id" : "dee4e84a-4aff-4521-8ab2-4e11f48aab4e" ,
"from_group_id" : "42b3e2f0-557a-5487-8e3f-bw9awqrb23ef" ,
"conversation" : {
"conversation_id" : "b6aa207e-b55a-4499-a6ab-f6393c44c68c_1154966d-9840-4b3d-b46e-6a3cf72af093_feedback" ,
"app_id" : "b6aa207e-b55a-4499-a6ab-f6393c44c68c" ,
"status" : "assign" ,
"assigned_agent_id" : "41b3e2f0-557a-4487-8e7f-bb9afdd23cf6"
}
}
}
}</span></span>


Note:

Either from_agent_id and to_agent_id will be populated or from_group_id and to_group_id will be populated.


Authentication

All calls to your webhook will have the header X-Freshchat-Signature. Using the provided public key, you can verify the signature to authenticate the webhook calls.


Given below is an example code snippet to authenticate webhook calls implemented in Java:


<span style="font-family: Helvetica Neue;"><span style="font-size: 14px;">// get publicKey as String (this string is there in<span class="fr-marker" data-id="0" data-type="false" style="display: none; line-height: 0;"></span><span class="fr-marker" data-id="0" data-type="true" style="display: none; line-height: 0;"></span> our settings -> webhook page)
// in some languages you will need to trim out "--BEGIN PRIVATE KEY--" and "--END
PRIVATE KEY--" parts

public static PublicKey loadPublicKey(String publicKeyString) throws Exception {
byte [ ] data = Base64.getDecoder().decode(publicKeyString);
X509EncodedKeySpec spec = new X509EncodedKeySpec(data);
KeyFactory fact = KeyFactory.getInstance(RSA);
return fact.generatePublic(spec);
}

// pass the publicKey from above to this method, with signature and plaintext is webhook payload
// to verify if the payload and signature matches

public static boolean verify(String plainText, String signature, PublicKey publicKey)
throws Exception {
Signature publicSignature = Signature.getInstance( "SHA256withRSA" );
publicSignature.initVerify(publicKey);
publicSignature.update(plainText.getBytes(UTF_8));
byte [ ] signatureBytes = Base64.getDecoder().decode(signature);
return publicSignature.verify(signatureBytes);
}</span></span>


For a detailed description of the signing and encryption logic, refer https://niels.nu/blog/2016/java-rsa.html.