Upgrade to Pro — share decks privately, control downloads, hide ads and more …

WebHooks: The API Strikes Back

Phil Nash
March 01, 2017
Programming
1
240

WebHooks: The API Strikes Back

These days many APIs are more than just simple REST services. Nowadays, APIs want to talk back prompting further action from applications. But what is the best way to build out an API that can be demanding? We'll look at some services that use Webhooks, exploring reasons to use WebHooks and the emerging best practices. Then we'll look at the other side, implementing WebHook endpoints. Does consuming WebHooks turn an application into an API? What are the easiest ways to develop and test with WebHooks? We'll cover security, performance and standards all wrapped up with some live coded examples.

Phil Nash

March 01, 2017
Tweet

More Decks by Phil Nash

See All by Phil Nash
Four steps from JavaScript to TypeScript
philnash
3
410
JavaScript Apps Go Intl - GIDS Live 2021
philnash
2
260
You're on Mute! WebRTC and our Lives on Screen - GIDS Live 2021
philnash
1
270
Better API DX with a CLI - APIdays Jakarta
philnash
0
340
The trouble with webhooks - at Apidays Live Hong Kong
philnash
2
200
Four steps from JavaScript to TypeScript
philnash
0
390
Fantastic passwords and where to find them - at NoRuKo
philnash
50
2.9k
The trouble with webhooks - at APIdays Singapore
philnash
0
290
What's going on with Project Fugu? at DevTalks Reimagined
philnash
0
430

Other Decks in Programming

See All in Programming
Amazon Bedrock Agentsを用いてアプリ開発してみた!
har1101
0
330
Kaigi on Rails 2024 〜運営の裏側〜
krpk1900
1
190
Jakarta Concurrencyによる並行処理プログラミングの始め方 (JJUG CCC 2024 Fall)
tnagao7
1
290
ピラミッド、アイスクリームコーン、SMURF: 自動テストの最適バランスを求めて / Pyramid Ice-Cream-Cone and SMURF
twada
PRO
10
1.3k
エンジニアとして関わる要件と仕様(公開用)
murabayashi
0
280
Jakarta EE meets AI
ivargrimstad
0
520
AWS Lambdaから始まった
Serverlessの「熱」とキャリアパス / It started with AWS Lambda Serverless “fever” and career path
seike460
PRO
1
250
GitHub Actionsのキャッシュと手を挙げることの大切さとそれに必要なこと
satoshi256kbyte
5
430
距離関数を極める! / SESSIONS 2024
gam0022
0
280
レガシーシステムにどう立ち向かうか 複雑さと理想と現実/vs-legacy
suzukihoge
14
2.2k
LLM生成文章の精度評価自動化とプロンプトチューニングの効率化について
layerx
PRO
2
190
ActiveSupport::Notifications supporting instrumentation of Rails apps with OpenTelemetry
ymtdzzz
1
230

Featured

See All Featured
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
6
410
Producing Creativity
orderedlist
PRO
341
39k
The Cost Of JavaScript in 2023
addyosmani
45
6.7k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
10
720
Automating Front-end Workflow
addyosmani
1366
200k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
38
1.8k
The Pragmatic Product Professional
lauravandoore
31
6.3k
For a Future-Friendly Web
brad_frost
175
9.4k
Music & Morning Musume
bryan
46
6.2k
Happy Clients
brianwarren
98
6.7k
StorybookのUI Testing Handbookを読んだ
zakiyama
27
5.3k
Bash Introduction
62gerente
608
210k

Transcript

  1. WeB HookS

  2. The api StrikeS bacK

  3. Phil Nash @philnash http:/ /philna.sh [email protected]

  4. WeB HookS

  5. Today • What are WebHooks? • Sending WebHooks • Receiving

    WebHooks

  6. WHAT ARE WEBHOOKS?

  7. A long time ago, in a galaxy far, far away...

  8. None

  9. WHAT ARE WEBHOOKS?

  10. WHY USE WEBHOOKS?

  11. REAL TIME DATA

  12. http:/ /www.flickr.com/photos/25834786@N03/4585036818 - secretlondon123

  13. GETTING THE RIGHT RESPONSE

  14. WHO USES WEBHOOKS?

  15. Webhooks everywhere • Twilio • GitHub • Heroku • Braintree

    • Stripe • MailChimp • SendGrid • DropBox • ...and many more

  16. DEMO

  17. 0451 562 192

  18. SENDING WEBHOOKS

  19. BE A GOOD HTTP CLIENT

  20. CACHING AND COOKIES

  21. DEALING WITH ERRORS

  22. RETRIES OR FALLBACKS?

  23. SECURITY

  24. HTTP AUTH

  25. SIGN REQUESTS

  26. Sending Webhooks • Be a good HTTP client • Deal

    with failures • Sign requests

  27. WORKING WITH WEBHOOKS

  28. None

  29. NGROK

  30. SECURITY

  31. USE HTTPS

  32. VERIFY THE SIGNATURE

  33. SOME WEBHOOK PROVIDERS DON'T SIGN THEIR REQUESTS

  34. ¯\_( ツ)_/¯

  35. SHARE SECRETS

  36. PERFORMANCE

  37. BE GOOD TO YOURSELF AND THE WEBHOOK

  38. DELAY LONG RUNNING TASKS

  39. IDEMPOTENCE

  40. WHAT ABOUT THE RETRIES?

  41. Webhooks • Tunnelling for development • Verify signatures • Use

    HTTPS • Respond quickly to Webhooks • Idempotence

  42. Thanks! @philnash http:/ /philna.sh [email protected]