Consuming A Webhook With FileMaker

What Is A Webhook?

Consuming A Webhook

  • Set up your FileMaker layout for the Data API to use
  • Create a field that will be used to store the data passed in from the webhook
  • Set up your FileMaker script that the Data API will call
  • Set up your FileMaker Data API user account with the correct privileges
  • Ensure FileMaker Server is configured to use the Data API
  • Update the PHP files with your details and upload to a web server
  • Configure your web application/service with the endpoint URL (where you uploaded the files to)
  • The webhook will call our endpoint and we’ll request an authorization token for our database using the Data API
  • Using that token, we’ll grab the data we were passed by the web app and then have the Data API create a record and run a script — what table you create the record in and what the script does is entirely up to you, it just depends what you want to do with the data passed
  • Then for good measure we’ll delete the authorization token

Getting A Token

// Function to get an authorization token from FileMaker which will be used to pass data from the webhook to the database - note, environment variables are set just before function is called
function get_token($additionalHeaders,$host,$password,$payload,$username) {
// Set up the cURL options
$ch = curl_init($host);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json', $additionalHeaders));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $password);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

// Execute the cURL statement
$result = curl_exec($ch);
// Close the cURL connection
curl_close($ch);
// Decode the resulting JSON
$json_token = json_decode($result, true);
// Extract just the token value from the JSON result
$token_received = $json_token['response']['token'];

// Return the token
return($token_received);
};

Passing The Data To FileMaker

// Function to pass data from the webhook to the database using the token from the function above - note, environment variables are set just before function is called
function pass_data($additionalHeaders,$host,$payload) {

// Set up the cURL options
$ch = curl_init($host);
// Inject the token into the header
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json', $additionalHeaders ));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Execute the cURL statement
$result = curl_exec($ch);

// Close the cURL connection
curl_close($ch);
// Return the result
return($result);
};

Deleting The Token

// Function to delete the authorization token
function delete_token($additionalHeaders,$host,$payload) {
// Set up the cURL options
$ch = curl_init($host);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json', $additionalHeaders));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
// Specify the request method as DELETE
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'DELETE');
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

// Execute the cURL statement
$result = curl_exec($ch);

// Close the cURL connection
curl_close($ch);
// Return the result
return($result);
};

Setting Up The Environment Variables

// Set up the environment variables for the hostname, database, layout, script and field name
$database = 'DATABASE_NAME';
$hostname = 'MY.SERVER.COM';
$layout = 'DATA_API_LAYOUT';
$script = 'SCRIPT_TO_EXECUTE';
$field_name = 'FIELD_NAME';
// Set up the FileMaker username and password that has data API privileges
$username = 'USERNAME';
$password = 'PASSWORD';

Get The Authorization Token

// Set up the environment variables to get a token
$additionalHeaders = '';
$host = 'https://'.$hostname.'/fmi/data/v1/databases/'.$database.'/sessions';
$payload = '';
// Call the get_token function and put the result into a variable for use in the pass_data function
$token = get_token($additionalHeaders,$host,$password,$payload,$username);

Send The Data To FileMaker

// Get the data from the webhook
$data = (!empty(file_get_contents('php://input')) ? file_get_contents('php://input') : json_encode($_REQUEST)) ;
// Now that we have a token, set up the environment variables and call the pass_data function to create a record and then run a script
$additionalHeaders = 'Authorization: Bearer '.$token;
$host = 'https://'.$hostname.'/fmi/data/v1/databases/'.$database.'/layouts/'.$layout.'/records';
$payload = json_encode(array('fieldData' => array( $field_name => $data ), 'script' => $script, 'script.param' => $data ));
// Call the pass_data function
$request = pass_data($additionalHeaders,$host,$payload);

Delete The Authorization Token

// Set up the environment variables to delete the token
$additionalHeaders = '';
$host = 'https://'.$hostname.'/fmi/data/v1/databases/'.$database.'/sessions/'.$token;
$payload = '';
// Call the delete function
$token_deleted = delete_token($additionalHeaders,$host,$payload);

Response Time Limit

function call_consume_webhook($url,$post_array) {

// Get the data passed into this by the webhook
$data = (!empty(file_get_contents('php://input')) ? file_get_contents('php://input') : json_encode($_REQUEST)) ;
// Set up the curl request using the data from the webhook and the url when the function is called below
$cmd = "curl -X POST -H 'Content-type: application/json' -d '[$data]' $url";
// Instruct the command to run without waiting for it to complete, which may be required for services that have a response time limit
$cmd .= " > /dev/null 2>&1 &"; // Just dismiss the response
// Execute the command
exec($cmd);
}// Call the function, passing in the url
call_consume_webhook('https://my.server.com/consume-webhook-data-api.php',[]);

Downloads

Caveats

  • Any loading of the PHP file will trigger the Data API to execute its tasks
  • Given the above, be sure to bury the location of the file on the web server of choice
  • Within your logic in FileMaker it’s probably a good idea to test if the data you’re receiving is what you expect and if not then halt
  • It’s also possible to add a unique token to the URL, such as “?auth=5487951”, and drop the request if the token doesn’t match what it should
  • There’s little to no error trapping in these sample files, so if say the password changes for the user account, you will likely lose the data sent in the call
  • Some webhooks can make an awful lot of calls in quick succession, so be sure to know the volume you expect before setting this up

Conclusion

--

--

--

FileMaker Developers; Keycloak Enthusiasts; Data Magicians

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

SAWO Labs : Password-less WordPress Plugin.

SAWO LABS WordPress Plugin

Hawksight -Ambassador Program

DSA Series: A Bit About Bits and Counting 1s

Singleton and Ready to Mingleton

September 2021 WAX Guild Ratings Report

A better way than “ldflags” to add a build version to your Go binaries

Expert Systems: How to implement a backward chaining resolver in Python

🇸🇪 MySwedish fluency bits #20

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Sounds Essential

Sounds Essential

FileMaker Developers; Keycloak Enthusiasts; Data Magicians

More from Medium

ENABLING WORDPRESS ON HTTPS ON AN UBUNTU SERVER

Site is up and running now

What is Ory Hydra?

Utiliser votre MacBook Touch ID comme 2FA sur GitHub

Secure Your Site Against Spam: The Morning After