Webhooks allow you to connect external apps and automations to Teams Manager and retrieve information related to specific actions occurring within the app.
For instance, you can choose to trigger the Webhook when a Team is created, which will transmit the corresponding details to your app/automation, triggering a script that would send the details to a separate database for further processing.
This is a relatively rudimentary example; in real-world scenarios, this feature could be used in a variety of different ways depending on your level of imagination and coding prowess.
Let's go through the Webhook setup and utilization process to better understand what can be gained by using them.
πͺ Webhook Setup
Navigate to Settings > Expert mode > Connected apps > Webhooks to get started.
βClick on + Add new webhook.
βSpecify the Webhook Name and Description.
βAdd a Webhook secret (optional).
βSelect a Trigger from the list. This is the action performed within Teams Manager that will prompt the system to send out the necessary information. In our case, the Request will be triggered by the the Creation of a New Space Request.
βChoose your platform of choice, it could be either Microsoft Flow or an Azure Function.
βClick Next.
βPaste the URL for your platform of choice into the box at the very top of the pop-up. The same pop-up will also display the information that will be received as a result of this Request.
βClick on Create to finalize your Webhook.
Once created, Webhooks can be Edited or Deleted by clicking the β― button next to the desired entry on the list.
π€« Webhook Secret
The Webhook Secret is a security feature that allows you to verify that the Request is actually coming from Teams Manager.
When you create a Webhook in Teams Manager, you can paste the Secret into the Webhook Secret field. If you are not sure what your password should look like, you can just generate a UUID and use it as the Secret.
When you receive a Webhook Request (provided it has a set Secret), you can retrieve the corresponding hash via the x-tm-signature header.
This hash is a hexadecimal representation of the HmacSHA256 hash of the Webhook request body and the Secret you provided.
You can generate a hash to compare it with the one you received by using the following code snippet (NodeJS / Typescript):
import * as crypto from "crypto"; // ... const hash = crypto .createHmac("sha256", "MyWebhookSecret") // Create Hmac with our secret .update(request.body) // Insert the body as message .digest("hex"); // Convert to hex console.log("Generated hash:", hash); console.log("Do hashes match (valid request):", hash === request.headers["x-tm-signature"]);
Here's how it can be done in C# (Version >= .NET 5.0 because of BitConverter):
using System.Security.Cryptography; // ... string GenerateHash(string key, string message) { var hmac = new HMACSHA256(System.Text.Encoding.UTF8.GetBytes(key)); // Create Hmac with our secret var hashAsBytes = hash.ComputeHash(System.Text.Encoding.UTF8.GetBytes(message)); // Insert the body as message and get hash as byte array var hash = BitConverter.ToString(hashAsBytes); // Convert hash bytes to hex string return hash.Replace("-", "").ToLower(); // Return modified string } var hash = GenerateHash(Request.Body, "MyWebhookSecret"); if(hash == Request.Headers["x-tm-signature"]) Console.WriteLine("Hashes match. Request is valid"); else Console.WriteLine("InvalidHash");
π Final Results
Once the Trigger Action is performed within Teams Manager, you'll receive all of the expected information on your platform of choice.
In our case, we received the Template ID, Comment, Metafields, Guest Access Settings, Policy, Team Name, Mailnickname, Description, etc. for a new Space Request.
The Webhook secret we specified earlier is also received and can be found under the x-tm-signature header.
βοΈ Need more help?
Get further assistance with Teams Manager through our support chat widget within the app, or reach out to us at [email protected].