Skip to content

Webhooks

ABC Glofox supports webhooks for real-time updates. Configure each webhook to send events to one or more target URLs.

See the webhook documentation for a list of available webhooks.

Timeouts and retries

Webhooks are delivered to the configured URL as HTTP POST requests.

Timeout: The receiving endpoint must complete processing and return a response within 5 seconds, measured from connection establishment through delivery of the response. If a successful response is not received within that interval, the delivery is considered failed.

Retries: When a delivery fails, redelivery is attempted up to three times in total for the same event. Delivery is at-least-once: the same logical event may be POSTed multiple times. Implementations should be idempotent: key processing on a stable event identifier or message identifier and no-op (or return success) when that identifier has already been processed successfully.

Access webhook

The Access webhook notifies your integration when a member creates or updates a barcode. Use it to keep barcode identifiers in sync with your systems, such as access hardware or third-party apps that rely on the current barcode value. This means, this webhook is for barcode update and not for events. This means that this webhook isn't triggered for events when an access is granted or denied, but for when a member barcode is updated or created.

Summary

Access webhook: barcode create and update events. Not included: access granted or denied events.

To ensure data consistency, supplement webhooks with a daily sync. For example, listen for POST events on the member webhook and perform a daily sync using /2.0/members with appropriate filters.

Note

Webhook signature: Each webhook includes a signature header for source validation. ABC Glofox provides the secret key for webhooks with your API credentials. The signature is a hexadecimal string that uses hash-based message authentication code with the 256-bit Secure Hash Algorithm, computed as Signature = Hex( HMAC-SHA256( YourSecretKey, StringToSign ))