HTTP Callbacks allow apps to dynamically receive notifications or data updates when certain events occur. They work by sending an HTTP POST request to a predefined URL whenever the event tied to the callback is triggered. This feature facilitates seamless integration between the system and external services, ensuring that actions in the system can trigger corresponding workflows in third-party tools.

HTTP callbacks can be found here in the app API.

Setting Up and Managing Callbacks

HTTP Callbacks are configured and managed within the scope of an app through the Developer Service. This allows developers to define which events their app will listen to and where notifications should be sent. The configuration ensures that only relevant updates are forwarded, enhancing the efficiency of integrations.

Event Coverage and Expansion

Currently, there are five supported events for callbacks. While this number is limited, the system is continuously expanding its capabilities to include more events in future updates. Each event provides specific data that apps can use to trigger processes, update databases, or notify users.

Currently implemented events:

• APPOINTMENT_ADD
• APPOINTMENT_EDIT
• APPOINTMENT_CANCEL
• APPOINTMENT_MOVE
• EMPLOYEE_ADD

Security Considerations

When working with HTTP Callbacks, security should be a primary concern:

1. Authentication: Ensure that your callback endpoint validates incoming requests. This can be achieved by using secure tokens or API keys sent with the request headers.
2. Encryption: Always use HTTPS for your callback endpoints to protect data in transit.
3. Validation: Validate the incoming payload to ensure that it matches the expected schema and comes from a trusted source.

Example Use Case: Notification Service

Imagine an app that tracks appointments in real time. With HTTP Callbacks, you could configure the app to send notifications to an external messaging service whenever a new appointment is booked, updated, or canceled. This ensures that users or systems relying on this information stay up to date without polling the API for changes.

Best Practices

1. Define Specific Callbacks: Only register callbacks for events your app genuinely needs to reduce unnecessary traffic and processing.
2. Monitor Logs: Utilize the logs generated for each callback to troubleshoot issues in communication or data transfer.
3. Retry Logic: Ensure that your endpoint can handle retries in case of temporary failures. The system can reattempt sending callbacks if configured appropriately.