Webhook Technical Requirements

This article provides step-by-step guidance on the technical requirements for configuring your webhooks.

Setup Endpoint URL

As part of the webhooks setup, you’ll supply your own endpoint where Cvent delivers webhook messages. Your supplied endpoint needs to be SSL-secured.

Choose Authentication Method

You’ll need to choose an authentication method for your webhooks. You can choose either token-based authentication or Salesforce OAuth.

Token-Based Authentication

In token-based authentication, you’ll supply an authentication token for your webhook implementation. When Cvent sends a request to your endpoint, the header will contain an Authorization field that contains your supplied token. This ensures that the requests coming from Cvent and not from an unknown source.

Tokens can’t exceed 150 characters.

Salesforce OAuth

You can choose to authenticate your webhook configuration with Salesforce OAuth. You’ll need a set of Salesforce credentials to complete this setup. Your chosen endpoint doesn’t need to be Salesforce-based. See Salesforce OAuth for details on setup.

Handle Messages

This section describes the different webhook messages your endpoint will receive once it’s configured. Your endpoint will need to be able to accept these messages and respond appropriately.

About Validation Messages

When you activate or validate a webhook configuration, Cvent validates your endpoint by sending a GET request. Cvent looks for an HTTP status 200 response from your endpoint to verify the connection is valid.

In the event no response is returned (the destination is invalid, or temporarily unavailable) the configuration will retry the GET request every ten minutes.

The following is a sample of the GET method Cvent uses to validate. It contains the following headers:

> authorization: <yourtoken>
> request-id: 547c3e6c-20e2-4d2a-b0c2-8d9ba77d2fea
> user-agent: Cvent-Webhooks

• authorization: The authentication token you supplied in your configuration, or a bearer token from Salesforce OAuth.
• request-id: A header Cvent uses for internal webhook tracking.
• user-agent: This is always Cvent-Webhooks. Ensure your network’s firewall accepts traffic from this user agent.

About Integration Point Messages

When integration points are triggered in your webhook configuration, Cvent will use the HTTP POST method to send you data. These POST calls have headers and a JSON message body that contains details about the triggered webhook.

The following is a sample of the POST method:

> content-type: application/json
> request-id: 547c3e6c-20e2-4d2a-b0c2-8d9ba77d2fea
> user-agent: Cvent-Webhooks
> authorization: <yourtoken>

{
  "eventType": "<EventType>",
  "messageTime": "2024-05-08T15:05:03.617Z",
  "messageStub": "<IdOfWebhookMessage>",
  "message": [
    {
      "key": "value",
      "array": [
        {
          "key": "value",
          "key": "value",
          "key": ""
        }
      ]
    }
  ]
}

The following headers are included in POST calls:

• request-id: A header Cvent uses for internal webhook tracking.
• user-agent: This is always Cvent-Webhooks. Ensure your network’s firewall accepts traffic from this user agent.
• authorization: The authentication token you supplied in your configuration, or a bearer token from Salesforce OAuth.

See here for more information on other standard HTTP headers included in the webhook message.

The content of the body varies by integration point. You can see more details about each integration point in the left navigation.

Troubleshooting

If you encounter issues during the setup process, please refer to Cvents FAQ pages in the left-hand navigation or contact support.

Next Steps

After following this guide, you should have the information you need to set up webhooks. Next, you can perform Account Setup.