Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Go to Haptik Website
  • Contact Us
  • Home
  • Deployment
  • Bot as an API

What are the security protocols to follow for using APIs?

Written by Medha Anand

Updated on August 23rd, 2021

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Getting Started
    Build Deploy Analyse Manage Account Bot Deactivation
  • Bot Building
    Essentials Smart Skills Steps User Messages Bot Responses Entities Connections Customisations User feedback collection Testing Whatsapp Bots NLU Bot Maintenance
  • Conversation Design
    Design Basics Design Guides Designing for Platforms Designing WhatsApp Bots
  • Developer Guides
    Code Step Integration Static Step Integration Shopify Integration SETU Integration Exotel Integration CIBIL integration Freshdesk KMS Integration PayU Integration Zendesk Guide Integration Twilio Integration Razorpay Integration LeadSquared Integration USU(Unymira) Integration Helo(VivaConnect) Integration Salesforce KMS Integration Stripe Integration PayPal Integration CleverTap Integration Fynd Integration HubSpot Integration Magento Integration WooCommerce Integration Microsoft Dynamics 365 Integration
  • Deployment
    Web SDK WhatsApp Facebook Instagram Sunshine Conversation LINE Google Business Messages Telegram MS Teams Bot as an API iOS SDK Android SDK
  • Agent Setup
    Haptik's Smart Agent Chat Zendesk Chat Salesforce Service Cloud Freshchat Zoho NICE CXOne Gorgias
  • Analytics & Reporting
    Intelligent Analytics
  • Notifications
    SMS Notifications Success Measurement
  • Commerce Plus
    Catalog Integration Bot Building Guide Channel Deployments Unified ML Pipeline Documentation
  • Troubleshooting Guides
    Error Messages FAQs
  • Release Notes
+ More

Table of Contents

Webhook RequirementsSecurity RequirementsError Handling and Recovering

Due to the critical and confidential nature of the data being exchanged, all clients must adhere to the stated rules for implementing a webhook to eliminate potential risks.

Webhook Requirements

Your webhook should meet the following minimum performance requirements

  • Must be an HTTPS endpoint
  • Respond to all webhook events with a 200 OK
  • Respond to all webhook events in 5 seconds or less

Security Requirements

The HTTP request will contain an X-Hub-Signature header which contains the SHA1 signature of the request payload computed using the HMAC algorithm and the secret_key shared in advance, and prefixed with sha1=.

Your callback endpoint should verify this signature to validate the integrity and origin of the payload.

Error Handling and Recovering

If any of the below 3 conditions are observed by Haptik Systems when:

  1. We cannot connect to your webhook
  2. Your webhook takes more than '5' seconds to return the response
  3. Your webhook returns non 2xx status code

then

  1. We will retry the request 6 times over the course of 60 minutes (Retry intervals: 5 seconds, 25 seconds, 125 seconds, 625 seconds, 1410 seconds, 1410 seconds).
  2. If the repeated webhook call are unsuccessful even after the last attempt we will automatically disable the webhook.
  3. Once the webhook is disabled, then new requests will be queued for a max duration of 60 minutes. Once the webhook is enabled by you, then we will attempt to deliver the requests.
  4. You can visit the Haptik Dashboard or use the REST API to activate the webhook if it is disabled.
Delete

Note

There can be multiple delivery requests within a short time span and it is the client's responsibility to maintain ordering and QoS in case of failure to accept messages.

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • How to ensure API security?
  • What is Bot as an API?
  • How to deploy a bot using Bot as an API?
  • How to re-enable Webhook if it gets disabled?

Platform

  • Conversation Studio
  • Smart Skills
  • Advanced NLU
  • Intelligent Analytics
  • Omnichannel
  • Smart Agent Chat
  • Enterprise Security
  • Integrations

Solutions

  • Conversational Commerce
  • Lead Generation
  • Customer Care
  • WhatsApp
  • Conversational IVR
  • Google Business Messages

Industries

  • Retail/ E-Commerce
  • Financial Services
  • Travel & Hospitality
  • Telecom

Knowledge

  • ROI Calculator
  • Reports & Research
  • Case Studies
  • Webinars
  • ISAT
  • Tech Blog
  • Business Blog
  • Resources
  • Haptik v/s Yellow
  • Haptik v/s Liveperson
  • Haptik v/s IBM Watson
  • Haptik v/s Verloop
  • Conversations on AI

Company

  • Why Haptik
  • About Us
  • Careers
  • News & Media
  • Awards & Recognition
  • Contact Us
  • Partnerships
  • Investor Relations

Subscribe

Sign up to recieve the latest updates

Find us on

  • Twitter-footer
  • Linkedin-footer
  • YT-footer
  • Insta-footer
  • G2-footer
  • Facebook-footer

Copyright © jio Haptik Technology Limited 2021 | Data Security & Privacy Policy | GDPR

North America | Asia Pacific | Africa | enterprise@haptik.ai

Definition by Author

0
0