WEBHOOKS

WebHooks are a way for web apps to get notification when something changes in your remote device, rather than continually polling for that data and receiving nothing valuable most of the time. The concept of a WebHook is simple.

A WebHook is an HTTP POST that occurs when something happens:

MAP
active channels status or settings are changed

LOG
a new event is traced into log file

USERS
user(s) is (are) created or modified

RULES
rule(s) is (are) created or modified

To activate a WebHook you must specify the URI to call within the device settings.

PARAMETERS

SMM - webhook - map	STRING	URI FOR WEBHOOK NOTIFICATION \| MAP CHANGES
- log	STRING	URI FOR WEBHOOK NOTIFICATION \| NEW LOG TRACE
- users	STRING	URI FOR WEBHOOK NOTIFICATION \| NEW OR MODIFIED USER(S)
- rules	STRING	URI FOR WEBHOOK NOTIFICATION \| NEW OR MODIFIED RULE(S)

HMAC

HASH BASED MESSAGE AUTHENTICATION CODE

You can verify the authenticity of the request by looking at 2 additional headers:

X-Avior-Timestamp
number of seconds since 00:00:00 UTC on January 1, 1970 (according to Wikipedia)

X-Avior-Signature
HMAC-SHA256 hash of timestamp string using the password as a secret key

This lets your app verify that the notification really came from Avior Cloud Server.

It's a good idea (but not required) that you check timestamp to verify that notification is recent and the validity of the signature before processing the notification.

See ENCRYPTION for details.

HMAC information on Wikipedia