Functionality

DruID enables developers to subscribe to any event using Webhooks. To start receiving event notifications, Webhooks must first be registered through the Cockpit tool.

API Authentication Methods

There are three authentication methods available for secure API access: API Key, HTTP Basic, and HMAC Signature.

1. API Key: A unique key provided to authenticate API requests. Simple and commonly used for basic authentication needs.
2. HTTP Basic: A method that requires a username and password, you should introduce then as plain text, to authenticate API access.
3. HMAC Signature: A highly secure method that generates a hash-based signature using a secret key to validate requests.

Selecting HMAC authentication ensures the integrity and immutability of your API requests. When using HMAC, you will receive a POST request at the predefined endpoint registered in the Cockpit tool. The request will follow this format:

To verify the authenticity of the request, you must read and process the X-Hub-Signature header. This header provides the MAC digest method used and the hash value computed for the entire request body, ensuring data integrity and security.

To ensure the authenticity of the request, you need to calculate the HMAC of the request body on your end using the password generated in the Cockpit Webhook section. Then, compare your computed HMAC with the value received in the X-Hub-Signature header. If both match, the request is verified and secure.

For the previous example, the HMAC password is 12345.

If you prefer to use API Key or HTTP Basic Authentication instead of HMAC, the authentication credentials will be included in the Authorization header:

  • API Key: The header will contain the API key as a token for authentication.
  • HTTP Basic: The header will include a Base64-encoded string of the username and password.
Event IDDescription
registerA consumer has registered in DruID Identity (CIAM)
confirmRegisterA consumer’s registration in DruID Identity (CIAM) has been confirmed.
requestUnsubscribeA consumer has requested the cancellation of his account from the private area in DruID Identity (CIAM).
unsubscribeA consumer’s account has been cancelled from DruID Identity (CIAM).
requestChangePasswordA consumer has started the password change process (because he/she does not remember it or from the private area) in DruID Identity (CIAM)
changePasswordA consumer changed his password in DruID Identity (CIAM)
loginA consumer has login in DruID Identity (CIAM)
logoutA consumer has logout in DruID Identity (CIAM)
unsubscribeInactivityA consumer’s account has been cancelled from DruID Identity (CIAM) due to account not confirmation
userProfileUpdatedA consumer has updated his information in DruID Identity (CIAM)
messageOptInA consumer has agreed to non-binding consents in DruID Identity (CIAM)
messageOptOutA consumer has refused non-binding consents in DruID Identity (CIAM)
acceptTCSA consumer has agreed to mandatory consents in DruID Identity (CIAM)
socialLinkAccountA consumer has linked his account with a social network in DruID Identity (CIAM).
socialRegisterA consumer has registered in DruID Identity (CIAM) with a social network
socialLoginA consumer has login in DruID Identity (CIAM) with a social network
confirmIdentifierA consumer has confirmed an identifier in DruID Identity (CIAM)
sendConfirmRegisterDruID Identity (CIAM) has sent a confirmation notification to a consumer.
typologyAdquiredA consumer has acquired a new typology in DruID Identity (CIAM).
typologyRejectedA consumer has rejected a new typology in DruID Identity (CIAM).
sendScheduledConfirmRegisterDruID Identity (CIAM) has sent a confirmation notification scheduled reminder to a consumer.
redirectToSurveyDruID Identity (CIAM) has redirect consumer to a DNA Survey (Only if DNA module is enabled).
socialUnlinkAccountA consumer has unlink his account from a social network in DruID Identity (CIAM).
cancelUnsubscribeA consumer has cancelled the request of cancellation of his account from the private area in DruID Identity (CIAM).
requestUserProfileApproveNOT USED
userProfileApprovedNOT USED
completeAccountA consumer has complete required info defined in a entrypoint in DruID Identity (CIAM).
userVerifiedA consumer has been verified in DruID Identity (CIAM) with Facephi (Only if Facephi module is enabled).
pulseLinkAccountA consumer’s activity has been sent to DruID Pulse (CDP) and has acquired a new pulseID (Only if DruID Pulse (CDP) module is enabled).
configureMFATBD
unsubscribeMFATBD
sendMFACodeTBD
sendRecoveryCodeTBD
remoteFieldAdquiredA consumer has obtained a field from a remote service