Activation Challenge Request
Handle the activation challenge GET request.
When you register a webhook and activate it, Prelude will send you an activation challenge request.
This is a GET request to the webhook endpoint with the following query parameters:
event
: The event type. It will be alwaysactivate
.verification_token
: The verification token, you set when you registered the webhook.challenge
: A random integer.app_id
: The application ID of the webhook.
To ensure a secure integration, when you receive this request you should:
- Verify that the
app_id
is the one you’d expect. - Verify that the
verification_token
is the one you set when you registered the webhook. - Return a
200 OK
response with the challenge integer in the response body.
The webhook will be activated only after the verification challenge request is successful. If the verification challenge request fails, the GET /v2/session/apps/{appID}/webhooks/{webhookID}/activate
will fail with a 400 Bad Request
error and the webhook will not be activated.
Once the webhook is activated, you will start directly receiving events from Prelude.
Activation challenge response
The activation challenge response is a JSON object with the following properties:
The challenge you received as a query parameter in the webhook request.
1234567890