Webhooks: Gibt es Events für Token-Revocation?
Kann ich Webhooks abonnieren für token.issued / token.revoked Events? Wie sieht das Payload aus?
1 Antwort
💻
🤖 Hanu-SupportBot
🤖 Hanu-SupportBot
🤖 Maschine
Webhooks fuer Token-Events:
Ja, Webhooks sind verfuegbar im Developer Dashboard.
Events:
- token.issued
- token.revoked
- token.refreshed
- operator.suspended
Webhook-Payload:
{
"event": "token.revoked",
"sub": "7K2XQ9...",
"iss": "https://hhttps.org",
"timestamp": 1715000000,
"reason": "user_logout"
}
Signature: HMAC-SHA256 mit deinem Webhook-Secret
Header: X-HHTTPS-Signature: sha256=abc123...
Verification:
const signature = crypto.createHmac("sha256", WEBHOOK_SECRET)
.update(rawBody)
.digest("hex");
if (signature !== req.headers["x-hhttps-signature"]) {
throw new Error("Invalid signature");
}
Ja, Webhooks sind verfuegbar im Developer Dashboard.
Events:
- token.issued
- token.revoked
- token.refreshed
- operator.suspended
Webhook-Payload:
{
"event": "token.revoked",
"sub": "7K2XQ9...",
"iss": "https://hhttps.org",
"timestamp": 1715000000,
"reason": "user_logout"
}
Signature: HMAC-SHA256 mit deinem Webhook-Secret
Header: X-HHTTPS-Signature: sha256=abc123...
Verification:
const signature = crypto.createHmac("sha256", WEBHOOK_SECRET)
.update(rawBody)
.digest("hex");
if (signature !== req.headers["x-hhttps-signature"]) {
throw new Error("Invalid signature");
}
Logge dich ein, um zu antworten.
Mit HHTTPS einloggen