MauticͷWebhookͰͰ͖Δ͜ͱ ΞΫΠΞδϟύϯ߹ಉձࣾ ؙࢁͻ͔Δ 

● 1991೥10݄29೔ ੜ·Ε ● ಠཱܥιϑτ΢ΣΞ։ൃձࣾͰιϑτ΢ΣΞΤϯδχΞ ● ͷͪΤόϯδΣϦετͱͯ͠ϓϩμΫτͷܒ໤׆ಈ ● 2019೥8݄ ΞΫΠΞʹδϣΠϯ ● ΢ΣϒαΠτͷίϯςϯπͷ
 ٕज़຋༁΍ϩʔΧϥΠζΛ୲౰ Ruby / Rails / Web API / Docker / AWS ϥʔϝϯ / εΠʔπ / Ωϟϯϓ൧ / ొࢁ Profile ΞΫΠΞδϟύϯ ؙࢁͻ͔Δ ςΫχΧϧτϥϯεϨʔλʔ 

ຊ೔ͷ͓୊ɿ ʮMauticͷWebhookͰͰ͖Δ͜ͱʯʹ͍ͭͯ Mauticʹඪ४Ͱ༻ҙ͞Ε͍ͯΔWebhookΛར༻͢Δ͜ͱͰɺྫ͑͹ίϯλΫτ͕࡞੒͞Εͨ ΒSlackʹ௨஌͢Δɺͱ͍ͬͨMauticͰಛఆͷૢ࡞ΛτϦΨʔʹผαʔϏε΁σʔλΛૹ৴Ͱ ͖·͢ɻWebhookΛ׆༻͢Δ͜ͱͰɺϓϥάΠϯ͕༻ҙ͞Ε͍ͯͳ͍֎෦αʔϏεͰ΋؆୯ ʹ࿈ܞ͢Δ͜ͱ͕ՄೳʹͳΓ·͢ɻͦΜͳWebhookͷ࢖͍ํͱσϞΛ঺հ͠·͢ɻ 

Webhookͱ͸ʁ؆୯ʹ͓͞Β͍ Webhook͸ɺ͋ΔΞϓϦέʔγϣϯ͔ΒผͷΞϓϦέʔγϣϯʹσʔλΛૹ৴ Ͱ͖ΔΑ͏ʹ͢ΔHTTPίʔϧόοΫͰ͢ɻ σʔλͷड͚౉͠ʹؔͯ͠͸APIʹࣅ͍ͯ·͕͢ɾɾɾʁ 

Web APIͷ৔߹ Mautic mymautic.com Your App yourapp.com ᶃMauticʹAPIϦΫΤετΛૹ৴ GET https://mymautic.com/api/contacts ᶄMautic͕ίϯλΫτ৘ใΛฦ٫ {“contacts”: “ίϯλΫτ৘ใ”} ͍͍Α ίϯλΫτ৘ใ ͪΐ͏͍ͩ 

Webhookͷ৔߹ Mautic mymautic.com Your App yourapp.com ᶃYour AppͷΤϯυϙΠϯτʹ WebhookϖΠϩʔυΛૹ৴ POST https://yourapp.com/webhook {“contacts”: “ίϯλΫτ৘ใ”} {“success”: “true”} ίϯλΫτ৘ใ͕ߋ ৽͞Ε͔ͨΒͦͬͪ ʹૹ͓ͬͯ͘Α ͋Γ͕ͱ͏ʂ 

Webhookͷ৔߹ Mautic mymautic.com Your App yourapp.com ᶃYour AppͷΤϯυϙΠϯτʹWebhook ϖΠϩʔυΛૹ৴ POST https://yourapp.com/webhook {“contacts”: “ίϯλΫτ৘ใ”} {“success”: “true”} ίϯλΫτ৘ใ͕ߋ ৽͞Ε͔ͨΒͦͬͪ ʹૹ͓ͬͯ͘Α ͋Γ͕ͱ͏ʂ Web APIͷ৔߹ Mautic mymautic.com Your App yourapp.com ᶃMauticʹAPIϦΫΤετΛૹ৴ GET https://mymautic.com/api/contacts ᶄMautic͕ίϯλΫτ৘ใΛฦ٫ {“contacts”: “ίϯλΫτ৘ใ”} ͍͍Α ίϯλΫτ৘ ใͪΐ͏͍ͩ MauticͷWebhookΞΫγϣ ϯ͕ൃੜͨ͠λΠϛϯά ͰɺMautic͔ΒYour Appʹ HTTPϦΫΤετΛૹ৴͢Δ Your Appͷ೚ҙͷλΠϛϯ άͰɺYour App͔ΒMautic ʹHTTPϦΫΤετΛૹ৴͢ Δ 

֤MAϕϯμʔͷWebhookରԠঢ়گ͸ ରԠࡁΈ Googleઌੜʹฉ͍ͯΈ·ͨ͠ ະ֬ೝʢະରԠʁʣ – Marketo – Eloqua – Hubspot – SATORI
 ※ϑΥʔϜૹ৴ͷΈ – Pardot – b→dash – List Finder 

ͦΕͰ͸MauticͷWebhookͷػೳʹ͍ͭͯ ৄ͘͠ݟ͍͖ͯ·͢ 

MauticͰར༻ՄೳͳWebhookΞΫγϣϯ – ϝʔϧͷૹ৴/։෧ – ςΩετͷૹ৴ – ϑΥʔϜͷૹ৴ – ίϯλΫτͷ࡞੒/ߋ৽
 /ϙΠϯτͷมߋ/࡟আ – ϖʔδώοτ ࣍ͷΞΫγϣϯͷࡍʹɺMauticͰWebhookϖΠϩʔυΛૹ৴Ͱ͖Δ 

Webhookͷར༻ྫ – ϑΥʔϜͷૹ৴ ΞΫγϣϯΛར༻ͯ͠ɺ
 ϑΥʔϜͷૹ৴಺༰ΛGoogleεϓϨουγʔτʹసه – ίϯλΫτͷ࡞੒/ߋ৽ ΞΫγϣϯΛར༻ͯ͠ɺ
 ࡞੒/มߋ͞ΕͨίϯλΫτ৘ใΛCRMʹ౉͢ – ίϯλΫτͷϙΠϯτͷมߋ ΞΫγϣϯΛར༻ͯ͠ɺ
 MQL௨஌ΛSlackͰૹ৴ ྫ͑͹ɾɾɾ 

MauticͰར༻ՄೳͳWebhookΞΫγϣϯ – ϝʔϧͷૹ৴/։෧ – ςΩετͷૹ৴ – ϑΥʔϜͷૹ৴ – ίϯλΫτͷ࡞੒/ߋ৽
 /ϙΠϯτͷมߋ/࡟আ – ϖʔδώοτ ࣍ͷΞΫγϣϯͷࡍʹɺMauticͰWebhookϖΠϩʔυΛૹ৴Ͱ͖Δ ͜ΕΒҎ֎ͷλΠϛϯάͰ WebhookΛىಈͰ͖Δͷ͔ʁ 

MauticͰར༻ՄೳͳWebhookΞΫγϣϯ – ϝʔϧͷૹ৴/։෧ – ςΩετͷૹ৴ – ϑΥʔϜͷૹ৴ – ίϯλΫτͷ࡞੒/ߋ৽
 /ϙΠϯτͷมߋ/࡟আ – ϖʔδώοτ ࣍ͷΞΫγϣϯͷࡍʹɺMauticͰWebhookϖΠϩʔυΛૹ৴Ͱ͖Δ Webhook͸Ωϟϯϖʔϯ ಺Ͱ΋ૹ৴Ͱ͖ΔͷͰɺ͜ ΕΒҎ֎ͷ೚ҙͷλΠϛϯ άͰτϦΨʔΛҾ͚Δ Yes! You can! 

Webhookͷ࡞੒ํ๏ 

WebhookΛ࡞੒͢Δ ʔ Ұཡը໘ [ɹ] > [΢ΣϒϑοΫ] ͔Βwebhookͷ؅ཧϖʔδʹભҠ͠·͢ɻ
 ͜͜Ͱ͸webhookͷ৽ن࡞੒ɺطଘͷwebhookͷҰཡɺฤू͕ߦ͑·͢ɻ 

WebhookΛ࡞੒͢Δ ʔ ࡞੒ը໘ Mautic mymautic.com Your App yourapp.com ໊લ ͳΜͰ΋OK ΢ΣϒϑοΫͷઆ໌ ͳΜͰ΋OK Secret ޙ΄Ͳղઆ ΢ΣϒϑοΫ POST URL ͜͜ʹMautic͔Βݺͼग़ ͯ͠΄͍͠URL(ԼهͰݴ͏ͱYour AppͷΤϯυϙ Πϯτ)Λઃఆ ΢ΣϒϑοΫΠϕϯτ ͜ͷwebhook಺Ͱར༻ͨ͠ ͍ΠϕϯτΛબ୒(ෳ਺બ୒Մ) 

WebhookΛςετ͢Δ – Zapier – https://zapier.com – Mautic ΠϯςάϨʔγϣϯ͕༻ҙ͞Ε͍ͯ·͢
 – RequestBin – https://requestbin.com/ – ZapierͷΑ͏ͳαʔϏεͰ͢
 – ngrokʢݺͼํɿΤϯάϩοΫʣ – localhostͰಈ͍͍ͯΔΞϓϦέʔγϣϯΛίϚϯυҰͭͰ֎෦ʹެ։ Ͱ͖ΔπʔϧͰ͢ 

҆શʹWebhookΛར༻͢Δ WebhookϖΠϩʔυͷૹΓઌ(ྫɿYour App)΁ͷϦΫΤετ͕ɺ࣮ࡍʹ͋ͳͨ ͷMautic͔ΒૹΒΕͨ΋ͷ͔Ͳ͏͔Λ֬ೝ͢ΔͨΊʹɺWebhookͷ࡞੒தʹ γʔΫϨοτΛࢦఆͰ͖·͢ɻ γʔΫϨοτ͕ࢦఆ͞Ε͍ͯͳ͍৔߹͸ɺࣗಈతʹੜ੒͞Ε·͢ɻ 

ͳͥγʔΫϨοτ͕ར༻͞ΕΔͷ͔ Mautic mymautic.com Your App yourapp.com POST https://yourapp.com/webhook {“contacts”: “ίϯλΫτ৘ใ”} {“success”: “true”} ҎԼͷਤ͸Webhookͷେ·͔ͳྲྀΕͰ͢ ૹͬͨΑ ͋Γ͕ͱ͏ʂ 

ૹͬͨΑ ߈ܸ evilmautic.com ͳͥγʔΫϨοτ͕ར༻͞ΕΔͷ͔ Mautic mymautic.com Your App yourapp.com POST https://yourapp.com/webhook {“contacts”: “ίϯλΫτ৘ใ”} {“success”: “true”} ҎԼͷਤ͸Webhookͷେ·͔ͳྲྀΕͰ͢ ߈ܸऀ ૹͬͨΑ ͋Γ͕ͱ͏ʂ ͋Γ͕ͱ͏ʂ POST https://yourapp.com/webhook {“contacts”: “ِ෺ίϯλΫτ৘ใ”} ߈ܸऀʹΑͬͯσʔλ͕
 վ͟ΜͰ͖ͯ͠·͏ 

ૹͬͨΑ ߈ܸ evilmautic.com ͳͥγʔΫϨοτ͕ར༻͞ΕΔͷ͔ Mautic mymautic.com Your App yourapp.com POST https://yourapp.com/webhook
 Header: Webhook-Signature=XXX {“contacts”: “ίϯλΫτ৘ใ”} {“success”: “true”} γʔΫϨοτ͕͋Δͱɾɾɾ ߈ܸऀ ૹͬͨΑ ϋογϡ஋Λൺֱ͠ ͯɾɾɾҰகͨ͠ʂ ͋Γ͕ͱ͏ʂ POST https://yourapp.com/webhook {“contacts”: “ِ෺ίϯλΫτ৘ใ”} γʔΫϨοτʹΑͬͯ ૹ৴͞ΕͨWebhookϖΠϩʔυͷ ৴པੑΛূ໌Ͱ͖·͢ ϋογϡ஋Λൺֱ͠ ͯɾɾɾ
 Ұக͠ͳ͍ʂ ͜Ε͸ແࢹ͠Α͏ 

WebhookͷαϯϓϧίʔυΛಈ͔ͦ͏ 

Webhookͷαϯϓϧίʔυ MauticυΩϡϝϯτͰެ։͞Ε͍ͯΔ PHPαϯϓϧίʔυΛɺ࣮ࡍʹngrok Ͱެ։ͯ͠webhookΛಈ͔ͯ͠Έ·͢ https://developer.mautic.org/?php#examples- webhook-script 

αϯϓϧίʔυΛಈ͔ͦ͏ खॱ1. 
 ngrokΛΠϯετʔϧ͢Δ # ngrokͷΠϯετʔϧʢίϚϯυྫ͸homebrewΛ࢖༻ʣ $ brew install ngrok
 # ίϚϯυ͕࢖༻Ͱ͖Δ͔֬ೝ $ ngrok --version ngrok version 2.3.40 

# σΟϨΫτϦʹҠಈ $ cd /path/to/dir
 # ӈͷίʔυΛwebhookTest.phpͱͯ͠อଘ $ vi webhookTest.php αϯϓϧίʔυΛಈ͔ͦ͏ खॱ2. 
 αϯϓϧίʔυΛίϐʔͯ͠ɺϩʔΧϧ؀ڥʹϑΝΠϧ࡞ͬͯ഑ஔ 

αϯϓϧίʔυΛಈ͔ͦ͏ खॱ3. 
 MauticʹҠಈͯ͠ɺwebhookΛ৽ن࡞੒͠ɺγʔΫϨοτΛίϐʔ
 ʢ͜ͷ࣌఺Ͱ͸΢ΣϒϑοΫ POST URL͸ࢦఆ͠ͳ͍ʣ 

αϯϓϧίʔυΛಈ͔ͦ͏ खॱ4. 
 αϯϓϧίʔυͷ mySecret Λखॱ3Ͱίϐʔͨ͠΋ͷʹஔ͖׵͑Δ 

αϯϓϧίʔυΛಈ͔ͦ͏ खॱ5. 
 webhookTest.php͕഑ஔ͞Ε͍ͯΔσΟϨΫτϦ௚ԼͰɺ
 ϩʔΧϧ؀ڥͰαʔόʔΛىಈ # webhookTest.php͕഑ஔ͞Ε͍ͯΔσΟϨΫτϦʹҠಈ $ cd /path/to/dir
 # phpͷ؆қwebαʔόʔΛىಈ $ php -S localhost:8888 

αϯϓϧίʔυΛಈ͔ͦ͏ खॱ6. 
 ngrokͰϩʔΧϧαʔόʔΛ֎෦ެ։͠ɺੜ੒͞ΕͨURLΛίϐʔ͢Δ # ϩʔΧϧαʔόʔΛ֎෦ެ։͢Δ $ ngrok http 8888
 ngrok by @inconshreveable (Ctrl+C to quit) Session Status online Session Expires 1 hour, 59 minutes Version 2.3.40 Region United States (us) Web Interface http://127.0.0.1:4040 Forwarding http://49ab448ec357.ngrok.io -> http://localhost:8888 Forwarding https://49ab448ec357.ngrok.io -> http://localhost:8888 Connections ttl opn rt1 rt5 p50 p90 0 0 0.00 0.00 0.00 0.00 

αϯϓϧίʔυΛಈ͔ͦ͏ खॱ7. 
 mauticଆͷઃఆʹ໭ͬͯɺΤϯυϙΠϯτͱͯ͠ngrokͰ༻ҙ͞ΕͨURLΛηοτ͢Δ 

ઃఆ׬ྃʂ Ͱ͸ςετͯ͠Έ·͠ΐ͏ 

ςετʹ͓͚ΔԼ४උ webhookTest.php͕഑ஔ͞Ε͍ͯΔσΟϨΫτϦ௚ԼͰɺ
 ࣍ͷίϚϯυΛ࣮ߦ # webhookTest.php͕഑ஔ͞Ε͍ͯΔσΟϨΫτϦʹҠಈ $ cd /path/to/dir
 # ϩάϑΝΠϧΛϦΞϧλΠϜͰදࣔ͢Δ $ tail -f webhookLog_request.log 

WebhookΛςετ ʔ ਖ਼ৗܥ ςετϖΠϩʔυΛૹ৴ϘλϯΛԡͯ͠ɺ
 ͲΜͳϩά͕ग़ྗ͞ΕΔ͔֬ೝ͢Δ ← ΫϦοΫʂ ϩάϑΝΠϧΛ֬ೝ͢Δͱɺauthenticity verification OKͱදࣔ͞Ε͍ͯΔɻ → Mautic͔Βૹ৴͞ΕΔϦΫΤετʹ෇༩͞Ε͍ͯΔ Webhook-Signature ϔομͱɺwebhookTest.php ಺Ͱܭࢉ͞Εͨϋογϡ஋ΛরΒ͠߹Θͤͯ߹கͨ͠ɻ 

WebhookΛςετ ʔ ҟৗܥ ࣍͸ϦΫΤετʹ Webhook-Signature ϔομʔ͕෇༩͞Ε͍ͯͳ͍৔ ߹Λݕূɻ Postman౳ͰWebhookૹ৴ઌʹ
 POSTϦΫΤετΛૹ৴͢Δ ↓ ΫϦοΫʂ ϩάϑΝΠϧΛ֬ೝ͢ΔͱɺWebhook not authentic! ͱදࣔ͞Ε͍ͯΔɻ → ϔομͷ஋Λ֬ೝ͢Δ͜ͱͰɺ҆શͳϦΫΤετͱͦ͏Ͱͳ͍΋ͷΛৼΓ෼͚Δ͜ͱ͕ Ͱ͖ͨɻ 

·ͱΊ MauticͷWebhookʹ͍ͭͯ·ͱΊ·ͨ͠ – Webhookʹ͍ͭͯͷ͓͞Β͍ – ֤ϕϯμʔͷWebhookରԠঢ়گͷγΣΞ – Webhookͷςετπʔϧͷ͝঺հ – MauticͰར༻ՄೳͳWebhookΞΫγϣϯ – Webhookͷ࡞੒ํ๏ – ҆શʹWebhookΛར༻͢Δํ๏ – αϯϓϧίʔυͷ࣮ߦྫ ྑ͍WebhookϥΠϑΛʂ 

No content