The Sidebar App loads data in real time from your internal systems into the Enchant ticket side bar.
When enabled, a real time HTTP request is made to a URL of your choice whenever a ticket is displayed. The results of the HTTP request will be cleaned up and loaded into the sidebar in Enchant.
We send a server-to-server HTTP POST to the provided endpoint. The POST body contains a JSON encoded customer record, in the same format as our public API.
The request includes a special header Enchant-Signature that is a SHA256 HMAC, signed with a shared secret key. This can be used to verify the request is from our servers.
Your endpoint should return a 200 HTTP status code with HTML body. We'll sanitize the HTML (strip CSS/Javascript, balance tags, etc) and inject it into the Enchant sidebar.
The accepted HTML tags are: a, b, i, em, strong, hr, ul, ol, li, br, div, p
In PHP:
$payload = file_get_contents('php://input');
$parsed_payload = json_decode($payload);In Ruby:
payload = request.body.read
parsed_payload = JSON.parse(payload)The request also includes a special header Enchant-Signature that is a SHA256 HMAC, signed with a shared secret key. The secret key is provided to you in the Webhooks app settings.
You can validate the request by recalculating the signature and verifying it is the same as the one we provided.
In PHP:
hash_hmac('sha256', $payload, $secret_key);In Ruby:
OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), secret_key, payload)