Integrating a Webhook with SESAR: everything you need to know
The SESAR webhook notifies your system when a file has been received and processed. It relies on an HTTP request containing a structured object and must be configured correctly to ensure seamless integration with your environment.
Webhook Objective
When a file is uploaded via SESAR, it sends a notification (a "hook") to an address you have defined. This notification contains an encrypted object, which must be received, decrypted, and processed by your service.
Format expected by the webhook
The webhook expects a POST request with the following content :
{
"args": {
"CryptedObject": "...",
"HashKey": "..."
}
}
CryptedObject : the manifest encrypted in base64.
HashKey : the SHA512 of the public key used for encryption, also in base64.
This content is sent with the header Content-Type: application/json .
Example of a C# implementation
In ASMX
[WebMethod]
[ScriptMethod(UseHttpGet = false, ResponseFormat = ResponseFormat.Json)]
public void SESARHook(SesarWebHook args)
{
// Traitement ici
}
In ASP.NET MVC
[HttpPost]
public string SESARHook([FromBody] HookArgs SEManifest)
{
var crypted = SEManifest.args.CryptedObject;
var hash = SEManifest.args.HashKey;
// Traitement ici
return "OK";
}
public class HookArgs
{
public SesarWebHook args { get; set; }
}
public class SesarWebHook
{
public string CryptedObject { get; set; }
public string HashKey { get; set; }
}
Decrypt the CryptedObject
To decrypt the received object (StoreManifest), use the Secure Exchanges SDK as follows:
var jsonObject = CryptoHelper.DecryptStringFromBytes(
Convert.FromBase64String(cryptedObject),
Convert.FromBase64String(base64Key),
Convert.FromBase64String(base64Iv)
);
StoreManifest manifest = SerializationHelper.DeserializeFromJson<StoreManifest>(jsonObject);
base64Key: the 256-bit AES key used for encryption.base64Iv: the 128-bit initialization vector (IV) .These two values must be protected in your environment.
Security & Encryption
The following elements are crucial for the proper functioning of your webhook:
WebHookKey : 256-bit AES key (generable via SECT Tools).
WebHookIv : IV 128 bits (also generateable via SECT Tools).
These values are used to encrypt/decrypt StoreManifests.
.sesar file specific to your configuration. This file must not be moved .Webhook URL Format
Your webhook URL must follow this format:
https://[adresse_serveur]/[endpoint]/[methode]
For example :
https://localhost/Test.asmx/SESARHook
How the webhook works
The webhook is called every 30 seconds if files are available.
An HTTP 200 code means that the processing was successful.
If the webhook fails or returns another code, it will be retried.
The response waiting timeout is 5 minutes .
Related Articles
What are the configuration parameters for SESAR?
Because SESAR operates on a tenant basis, an organization could have multiple tenants. Therefore, the configuration file is structured so that the service is installed only once, but can retrieve information from all tenants. Therefore, each SESAR is ...SESAR (Secure Exchanges Send And Received) Installation Guide
Here is a simple and detailed guide to help you configure and install SESAR. 1. Creating the SESAR user Start by installing the latest version of SESAR, available on our website. The machine on which SESAR will be installed must have the following ...How to decrypt a message saved on SESAR using SECT Tool
Decrypting messages stored on SESAR can be done by following a series of simple steps using the SECT Tool. Here is a detailed guide to walk you through the process. Steps to follow: Step 1: Open the unencrypted version of the SESAR configuration file ...What is SESAR?
Presentation of the SESAR Service SESAR ( Secure Exchanges Send and Receive ) is a Windows service designed to integrate and secure your communications sent via Secure Exchanges , whether stored locally or in the cloud. It acts as a true vault for ...How to configure SESAR with Azure Active Directory?
1. Creating an application: Go to Azure Active Directory . Next, on the left bar click on "App registration" and click on "New registration". Enter a name and then, under "Supported account types", check the first option "Single tenant". Finally, ...