## Purpose
To allow a Webhook Listener to be created in Business Central so that the URI can be provide to a Source application that will call the Webhook when a particular event occurs.
## Use Case
We are creating an interface with a third-party Web application that allows us to register a URL as a Webhook listener for a specific event (such as a user's phone number being updated, an order being completed, a document being signed, etc.). We create a Webhook listener to process the incoming request and update our customer record in BC, or take whatever action is required.
## Implementation Details
A new Codeunit Subtype called WebhookListener. When selected this will change the method signature of the OnRun trigger to accept an HTTPRequest and return an HTTPResponse.
codeunit 50100 MyCodeunit
{
Subtype = WebhookListener;
trigger OnRun(HttpRequest: HttpRequestMessage) HttpResponse: HttpResponseMessage
begin
end;
}
We expose the Webhook API endpoint in a similar way to how we expose a Codeunit as a Web service. We create a record in the Web Service table with Object Type = Codeunit, Object ID = 50100, ServiceName = SomeEventListener and tick the Published field.
If the subtype for the Codeunit is WebhookListener, this will create an OData V4 URL:
https://businesscentral.dynamics.com/{{tenantId}}/{{environmentName}}/companies({{companyId}})/{{serviceName}}
Once the Web service is published, any requests made to that URL (no authentication is needed) will result in the OnRun trigger of a new instance of the Codeunit being run with the HttpRequest containing the contents of the received request. It is up to the code within the codeunit to handle the request and set an appropriate response.
Comments
It's a good idea, but I don't think allowing authless endpoint is required or desired.
> any requests made to that URL (no authentication is needed) will result in the OnRun trigger of a new instance of the Codeunit being run with the HttpRequest containing the contents of the received request
Even a webhook should require authorization. The most common way I see webhooks currently is using secrets/token/hmac or basic auth. A few use oauth, but that's pretty rare, and kind of a pain anyway.
Category: Development
This would be a huge feature. Need this now!
Category: Development
Not having a way to have BC subscribe to other systems WebHook events is a huge gap. Modern applications need a way to monitor events from external systems and WebHooks are the standard in this regard (unless you want to go midevil and rely on outdated technologies such as EDI with flat file communication thru communication hubs).
Example, my vendors system can send a webhook notification when a shipment occurs against my purchase order to that vendor. The webhook has data as to what has been shipped and the estimated delivery time. If BC could consume a webhook, the logic could update expected receipt dates on the PO and perhaps notify the purchaser role of that incoming shipment.
Category: Development
Having thought about this a little more, it might be useful to include a Web service access key attached to the Web service record which would be included in the URL. This would make the final URL something like:
https://businesscentral.dynamics.com/{{tenantId}}/{{environmentName}}/companies({{companyId}})/{{serviceName}}/{{serviceAccessKey}}
Category: Development
Business Central Team (administrator)
Thank you for this suggestion! Currently this is not on our roadmap. We are tracking this idea and if it gathers more votes and comments we will consider it in the future.
Best regards,
Business Central Team