Setting up Webhooks in WorkDrive using Custom Apps

Enhance organization's security, boost productivity, improve usability and achieve much more with WorkDrive's Custom Apps!

As an Admin or Super admin of a WorkDrive team, you now have the ability to create and manage custom apps directly from the Admin Console. Custom apps, in general, enables you to create applications within your WorkDrive team to fulfill the distinct needs and preferences of either yourself or your organization.

Note: Currently, WorkDrive utilizes custom apps to setup webhooks.

Feature availability and its limitations:

This feature is only available in the WorkDrive Business plan.

Business plan users can create custom apps and configure webhooks with the following limitations:

You can create up to 10 custom apps for your WorkDrive team.
You can configure up to 10 webhooks for each custom app.
You can make a maximum of 50,000 webhook calls per day.

Business plan trial users can create custom apps and configure webhooks with the following limitations:

You can only create one custom app for your WorkDrive team.
You can only configure two Webhooks for each app.
You can make a maximum of 50,000 webhook calls per day.

To create a custom app

Sign in to your WorkDrive account as an admin or super admin.
Click Admin Console in the bottom-left corner. This will open the Admin Console window and the Dashboard tab will be selected by default.
Navigate to the Apps tab by clicking on it from the left pane. The Apps tab will appear on the right.
Click + Create a new custom app in the top-right corner. This will open the Create new app window.

Note: You can create up to 10 custom apps for your WorkDrive team.
Fill in the Create new app form with the details such as App name, Description, and Client-id.
To get your Client-ID
Client-ID will only be generated when you register your application with the Zoho developer console. Without client-id you can't be create a custom app in WorkDrive.

Follow the below steps to register your application:
Go to the Zoho API Console and click Get Started.
Select Server based applications as the client type.
Provide the required details to register your application for the client type you chose:

Client Name: The name of your application you want to register with Zoho.
Homepage URL: The URL of your client's home page.
Authorized Redirect URIs: A valid URL of your application that Zoho Accounts redirect you to with the grant token after a successful authentication.

Click CREATE to receive the following credentials:

Client ID: The consumer key generated from the connected app.
Client Secret: The consumer secret generated from the connected app. Learn more on registering your application with the Zoho developer console.

Click Create. You can configure up to 10 webhooks for the created app.

Note: A unique secret key will be generated upon app creation, which is used for webhooks authentication purposes.

View and manage custom apps in WorkDrive

As an admin or super admin of your WorkDrive team, you have the ability to view and manage all the custom apps associated with your team.

Navigate to the Admin Console and access the Apps tab. In the Apps tab, you will find a list of all the custom apps that have been created for your WorkDrive team.

From here, you'll be able to perform the following actions:

To update the app details: Click on the app of your choice. This will open the corresponding App details page, where you can edit the app's name and description according to your requirements.
To delete the custom app: If you want to remove a custom app from your WorkDrive team, you can do so by clicking the Delete app button located at the bottom of the App details page for the specific app you wish to remove.

Webhooks

Enabling Webhooks in WorkDrive allows you to receive real-time notifications for file, folder, team folder, and org-based events, sent to the external app (URL you specify) whenever these events occur. This eliminates the need for continuously monitoring the file/folder and enables you to promptly act upon the received information.

Notes:

You can create up to 10 webhooks for each custom app.
You can only make 50000K webhook calls/day.

To configure webhooks:

Once the custom app is created, you can create and configure webhooks. Follow these steps to configure webhooks for your custom app:

Click Admin Console in the bottom-left corner. This will open the Admin Console window and the Dashboard tab will be selected by default.
Navigate to the Apps tab by clicking on it from the left pane. The Apps tab will appear on the right with the list of all your custom apps.
Choose the custom application for which you want to configure webhooks. This will open the Custom app window. The App details tab will be selected by default.
Switch to the Webhooks tab and click Create new webhook. This will open the Create new webhook window.
Provide the webhook name and description in the respective fields.
Enter the Endpoint URL to which you want to receive notifications.
Note: Make sure the URL is active and capable of processing webhooks.
Select the trigger event (File, Folder, Team Folder, Org based) and specify the event's target location.
Click here to learn more about the event types available in WorkDrive
Click Create Webhook.
You will now receive notifications at the specified URL whenever the specified event occurs in WorkDrive.

Webhooks payload

The webhook payload refers to the response sent to the specified URL whenever the configured trigger event takes place in WorkDrive.

Below is an example of Webhooks payload response for the file creation trigger event:

{

"data": [

{

"resource_info": {

"parent_id": "lvwg28f94012d0a484328b6175c6da296b433",

"resource_id": "ep19987f95a0161684d8ea1b3161f16e41e38",

"resource_name": "Default App Migration Report.csv",

"base_parent_id": "lvwg28f94012d0a484328b6175c6da296b433",

"status": 1

"share_info": {

"role": "7",

"shared_type": "14",

"shared_by": 5608329,

"shared_status": 14,

"shared_to": "111118000000038003"

"association_info": {

"entity_value": "Guna",

"entity_label": "record",

"module": "Leads",

"entity_id": "EID0000001011"

"event_id": "839687000000338003",

"event_type": "file_create",

"app_key": "1000.0UUMEY8E1WWRF26GF0XIHRLKDHHFNH",

"webhook_id": "ep19987f95a0161684d8ea1b3161f16e41e38-839687000000335005",

"module_name": "",

"portal_id": "638722",

"team_id": "lvwg26329e83825ed4815b2e685e1781d6728",

"type": "event_callback",

"event_time": 1600422715262,

"event_by": 61184597

}

]

}

Webhook authentication

To enhance security, WorkDrive employs a method called Webhook Authentication, which involves signing each Webhook request using HMAC-SHA256 (Hash-based Message Authentication Code with SHA-256). This is a symmetric signing mechanism where both WorkDrive and your application share a secret key to generate and validate HMAC signatures.

When WorkDrive sends a Webhook request, it includes an HMAC signature in the X-ZWDWebhook-Signature header of the request. Your application receives this request with the Webhook payload in the request body and the signature in the request header. It then follows these steps:

It uses the shared secret key to sign and encode the Webhook payload.
It compares the resulting signature with the value sent in the X-ZWDWebhook-Signature header of the Webhook request.

If the two signatures match, the request is considered legitimate and that it hasn't been tampered with between your application and WorkDrive. This mechanism ensures the security and integrity of Webhook communications.

Creation of HMAC Signature

To create HMAC Signature, WorkDrive combines JSON WEB SIGNATURE (JWS) header and webhook payload as a UTF-8 string and then hashed the result using HMAC SHA-256 algorithm.

The JWS header is as follows:

{

"alg": "HS256",

"typ": "JWT"

}

It includes the following:

alg: HS256 algorithm is used to generate hashing signature.
typ: The typ (type) header parameter is used to declare the type of the signed content.

Steps for Creation of webhook Signature

The JWT header and Webhook payload will be individually Base64 encoded, then joined together with a full stop “.”
Webhook signature is generated by hashing the Base64 encoded header and Base64 encoded Webhook Payload using SHA-256 algorithm and encode the resulting signature using Base64 encoding.
The three components, which are the Base64 encoded header, the Base64 encoded webhook payload, and the Base64 encoded HMAC SHA-256 signature, are concatenated together with full stops "." as separators.

WorkDrive includes this signature as a header in the HTTP POST back to the webhook request, which appears as follows:

X-ZWDWEBHOOK-SIGNATURE: <base64 header>.<base64 body>.<base64 HS256(<base64 header>.<base64 body>)

Verify the HMAC Signature

Once your app receives a Webhook request containing an HMAC Signature in the header, it should perform a verification process. This involves attempting to recreate a signature by hashing the webhook payload using a shared secret key.

Note: All webhooks configured for a custom app use the same secret key for verifying the signature.

To obtain the secret key:

Click Admin Console in the bottom-left corner. This will open the Admin Console window and the Dashboard tab will be selected by default.
Navigate to the Apps tab by clicking on it from the left pane. The Apps tab will appear on the right with the list of all your custom apps.
Choose the custom app for which you need to copy the secret key. This will open the Custom app window and App details tab will be selected by default.

Info: If you're already on the webhooks page, simply click the View secret key link on the right. This will take you to the corresponding App details tab.
Navigate to the secret key field within the App details tab and copy the value. You can now use the secret key for verifying webhooks.

To verify the webhooks:

Extract the webhook payload from the received webhook request.
Compute an HMAC signature for the webhook payload using the shared secret key. This involves using the SHA-256 hashing algorithm.
Encode the computed HMAC signature using the Base64 encoding mechanism.
Extract the signature from the X-ZWDWEBHOOK-SIGNATURE header of the webhook request.
Ensure that the computed Base64 encoded SHA-256 hash of the webhook payload matches the value provided in the X-ZWDWEBHOOK-SIGNATURE header of the webhook request.

If there is a mismatch, reject the webhook request.

Note: Make sure that both the creation and verification mechanisms use the same encoding mechanism to ensure consistency and accurate verification of the webhook data.

View and manage webhooks in WorkDrive

As an admin or super admin of your WorkDrive team you'll be able to view and manage webhooks for each custom app from the Admin Console.

Click Admin Console in the bottom-left corner. This will open the Admin Console window and the Dashboard tab will be selected by default.
Navigate to the Apps tab by clicking on it from the left pane. The Apps tab will appear on the right with the list of all your custom apps.
Choose the custom application for which you want to make changes to the webhooks. This will open the Custom app window. The App details tab will be selected by default.
Switch to the Webhooks tab to access the complete list of configured webhooks for your custom app, along with the respective manage options:

To enable or disable a webhook: Simply toggle the ON/OFF switch provided in the webhooks tab.
To modify the name and description of a webhook: Click the More actions icon and choose the Edit option.
To delete a webhook: Click the More actions icon and select Delete. Confirm the deletion by clicking Delete again in the confirmation dialog box.

Access your files securely from anywhere

Zoho CRM Training Programs

Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.

Redefine the way you work

with Zoho Workplace

Start your free trial

Zoho DataPrep Personalized Demo

If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.

Create, share, and deliver

beautiful slides from anywhere.

Get Started Now

Zoho Sign now offers specialized one-on-one training for both administrators and developers.

BOOK A SESSION

Zoho Workerly Home
Forums
Connect With Us:

Zoho Recruit Home
Forums
Connect With Us:

Start tracking your website metrics today

Use PageSense to understand what your visitors are looking for, how they are behaving, and where they are facing problems on your website.

Ready to improve your website's performance?

Install the PageSense code snippet on your site in a matter of minutes and start collecting in-depth data about the website visitors to grow your business.

Track and measure every business goal

Set up goals in PageSense to measure every single action performed by visitors on your website like button or link clicks, form submissions, and page engagements.

Understand the customer journey on your website

Create funnels in PageSense to quickly see which pages visitors use to enter your website, where they navigate to next, and which pages they decide to leave without converting.

Visualize your visitor's behavior with color codes

Set up heatmaps in PageSense to see where users have clicked more, how far they've scrolled, and on which parts of a page they've spent the most time using color-coded patterns in reports.

Measure customer engagement with your web forms

Use form analytics in PageSense to see how people interact with different fields in your form, whether they complete the form successfully or not, and where exactly they drop out on your form.

Record real visitor interactions on your website

Use session recordings in PageSense to watch a video of all the visitor actions performed on your website including the pages they navigate, the buttons they click, the UX issues they face, and more.

Test and optimize webpages for better conversions

Run A/B or Split URL tests in PageSense to figure out which version of your web page works best for your business and results in the best conversion rate.

Give each customer a unique website experience

Use personalization in PageSense to deliver customized versions of your website for every individual customer based on their demographics, local weather, browsing history, and more.

Grow your business through customer feedback

Run polls on your website using PageSense to understand what your customers think about your products/services and what needs improvement on your site.

Send timely updates that customers love

Use web push notifications in PageSense to schedule and notify your customers about an upcoming flash sale, product releases, promotional coupons, and a lot more that can spark conversions on your website.

Advertise your business to website visitors

Use pop-ups in PageSense to instantly grab the attention of visitors by showing attractive signup offers, coupon code discounts, or email newsletters that can eventually convert them into subscribers.

Access more advanced settings in PageSense

Use PageSense's advanced features like creating mutually exclusive groups, enabling cross-domain tracking, configuring customized project JS, and more to get deeper insights about your website.

Try easy-to-use extensions

Download the PageSense extension app available for your web browser with a few clicks and start collecting all of your required website metrics in real time.

Discover your favorite integrations with PageSense

Get a deeper look at your website's data by seamlessly integrating PageSense with a host of popular third-party apps like Google Analytics, Mixpanel, Intercom, and more.

Quick Links	Workflow Automation	Data Collection
Web Forms	Enterprise	Begin Data Collection
Interactive Forms	Workplace	Data Collection App
Offline Forms	Customer Service	Accessible Forms
Digital Forms	Marketing	Forms for Small Business
HTML Forms	Education	Forms for Enterprise
Contact Forms	E-commerce	Forms for any business
Lead Generation Forms	Healthcare	Forms for Startups
Wordpress Forms	Customer onboarding	Order Forms for Small Business
No Code Forms	Construction
Free Forms	Travel
Prefill Forms	Non-Profit
Intake Forms	Legal
Form Designer	HR
Card Forms	Food
Assign Forms	Photography
Translate Forms	Real Estate
Electronic Forms
Notification Emails for Forms
Holiday Forms
Form to PDF
Email Forms CRM Forms Embeddable Forms Drag and Drop form builder HIPAA Forms Encrypted Forms

New to Zoho CRM Plus?

Deliver unforgettable customer experiences

ACCESS ZOHO CRM PLUS

New to Zoho CRM Plus?

Deliver unforgettable customer experiences

ACCESS ZOHO CRM PLUS

New to Zoho Marketing Plus?

Everything you need to run your marketing

ACCESS ZOHO MARKETING PLUS

New to Zoho Marketing Plus?

Everything you need to run your marketing

ACCESS ZOHO MARKETING PLUS

Zoho Pagesense Resources

You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.

New to Zoho Survey?

Access Zoho Survey

Latest Feature Updates

Explore our Pricing & Plans

Zoho Survey Resources

Android Mobile Surveys

Insurvey Blogs

Insight Blogs

Tips & Tricks

New to Zoho Social?

Manage your brands on social media

Access Zoho Social

Zoho Desk Resources

Desk Community Learning Series
Digest
Functions
Meetups
Kbase
Resources
Glossary
Desk Marketplace
MVP Corner
Word of the Day

Zoho Sheet Resources

New to Zoho Forms?

Latest Feature Updates

Explore our Pricing & Plans

Zoho Forms Resources

Secure your business

communication with Zoho Mail

Get started

Mail on the move with

Zoho Mail mobile application

Go Mobile

Stay on top of your schedule

at all times

Get started

Carry your calendar with you

Anytime, anywhere

Get started

Latest Announcements

New to Zoho Sign?

Zoho Sign Resources

Sign, Paperless!

Sign and send business documents on the go!

Get Started Now

Zoho SalesIQ Resources

New to Zoho TeamInbox?

Zoho TeamInbox Resources

Connect with us

New to Zoho ZeptoMail?

LEARN MORE

Latest Feature Updates

Zoho DataPrep Resources

New to Zoho DataPrep?

Access Zoho DataPrep

Zoho DataPrep Demo

Get a personalized demo or POC

Design. Discuss. Deliver.

Create visually engaging stories with Zoho Show.

Get Started Now

New to Zoho Workerly?

Access Zoho Workerly

New to Zoho Recruit?

Access Zoho Recruit

New to Zoho CRM?

Signup Now

Access Zoho CRM

Latest Feature Updates

New to Zoho Projects?

Access Zoho Projects

New to Zoho Sprints?

Access Zoho Sprints

New to Zoho Assist?

Access Zoho Assist

New to Bigin?

Signup Now

Access Bigin

Latest Feature Updates

Related Articles
Custom Domain in WorkDrive
Custom Domain feature in WorkDrive lets the admin users create customized URL for their WorkDrive account. This will allow the team members to access their WorkDrive account via domain name relevant to their organization or team. You can share files ...
WorkDrive Essentials plan for teams
Zoho WorkDrive is an online file management and collaboration platform for teams and individuals. WorkDrive is available as a standalone product as well as part of various app bundles, such as Zoho One, Workplace, Remotely, and Zillum. WorkDrive's ...
Sign in and sign out of your WorkDrive mobile app
File access, collaboration, and management on the go has been made seamless with the WorDrive mobile app for Android and iOS. To access WorkDrive's mobile app, you will have to create an account and create your team in the WorkDrive web app, then log ...
Create files and folders using mobile apps
After you create a team using the web app, you can create files and folders using the web and mobile apps. Only the admins, organizers, and editors can create files and folders within a Team folder. Create a file From the home screen, tap to select ...
WorkDrive Genie for Windows
The WorkDrive Genie app lets you open and edit your WorkDrive files on the web with your default desktop applications. You can open and edit any files such as documents, images, and videos with Microsoft Word, CorelDRAW, and Adobe Premiere Pro, ...