Your login for our support center is different than your Control Panel login.

Click here to create a login for the support center

 Knowledgebase
Knowledgebase
Validating the Notification API Endpoint URL

The Notification API is a feature that allows SocketLabs On-Demand users to receive notification messages for events that occur within their SocketLabs On-Demand server such as message delivery, delivery failure, and FBL reports. In order to use this API, users must write a handler that can process and respond to notification messages via HTTP POST. This handler must be located at a public-facing URL and must be validated by the SocketLabs On-Demand Control Panel before the API can be activated for a specific server. In order to validate, the handler must support the following functionality:

  1. Accept HTTP POST messages
  2. Recognize the Secret Key field, in order to confirm that the On-Demand service is the sender of the HTTP POST message
  3. Respond to official notification messages with the Validation Key (anywhere in the response message)

Once a handler application is installed and configured at a URL, this web address should be entered into the 'Endpoint URL' field before using the Validate button. Likely reasons for this validation to process fail include:

  1. The endpoint is unreachable by the SocketLabs On-Demand system, perhaps due to being behind a firewall.
  2. The handler is not accepting HTTP POST messages.
  3. The handler is not responding to notification messages with the appropriate Validation Key.

We therefore recommend checking network security settings as well as examining the POST and POST Response data in the handler if the Endpoint URL validation initially fails. One useful online tool for debugging these issues, or for testing a handler's functionality, is http://www.hurl.it/.

Security Consideration

Although unencrypted HTTP communication is allowed for your Notification API endpoint, it is strongly encouraged that you use HTTPS for your endpoint.  Using unencrypted HTTP can pose a number of security risks.  By the nature of the data being transmitted, Notification API-related calls made to your endpoint contain your SocketLabs server ID and Secret Key, as well as PII (Personally Identifiable Information) belonging to end-users, such as email address and IP address. Insecure transfer of such data over HTTP may pose data security risks (i.e.: confidentiality and integrity).

Further questions about the Notification API should be directed to our Support Department at support@socketlabs.com.


Comments (0)
Help Desk Software by Kayako  Copyright © 2018 SocketLabs, Inc.  Terms of Service | Privacy Policy | Acceptable Use Policy