Managing webhooks through the APIs
Webhooks are an integration capability that is offered as part of IBM® Verify. Using a webhook involves configuring an HTTP callout that originates from Verify to a configured remote system. This remote system must implement an API contract that is defined by Verify.
- Real-time
- Notification
Real-time webhooks
Real-time webhooks involve an HTTP that originates from Verify to a target system. The target system performs some realtime processing and returning a response. Verify uses this response to augment its behavior.
All real-time webhooks are started in situations where the user performs a request. As a result the request is blocked while it waits for a response from the external system. For the user experience, it is important that target systems respond to webhook calls in a reasonable time.
- Enriching access policy decisions
- Supporting more multi-factor authentication types
Notification webhooks
Notification webhooks involve an HTTP request from Verify to a target system. The target system is only responsible for acknowledging that the request was received successfully. The acknowledgment is a 200 OK message. No data from the target system is returned or acted upon by Verify.
Notification webhooks occur asynchronously from user requests.