chatwoot

mirror of https://github.com/chatwoot/chatwoot.git synced 2026-06-04 21:02:35 +08:00

History

Syed Muhammad Bilal b9757447a8 fix(openapi): document webhook secret in API schema (#14199 ) Fixes #13862 Updates the webhook OpenAPI schema to match the current API behavior for webhook secrets and supported subscription events. ## Why Current source already creates per-webhook secrets, returns `secret` from the account webhook API, and uses that secret to sign outbound webhook requests with `X-Chatwoot-Signature`. The OpenAPI schema was behind that contract: - `components.schemas.webhook` did not include the returned `secret` field. - Webhook subscription enums did not include the typing events that are already available in the dashboard webhook form and handled by `WebhookListener`. ## What this change does - Documents `secret` on the webhook response schema. - Documents the outbound webhook signing headers associated with `secret`: `X-Chatwoot-Timestamp`, `X-Chatwoot-Signature`, and `X-Chatwoot-Delivery`. - Adds `conversation_typing_on` and `conversation_typing_off` to webhook subscription enums. - Regenerates the main and tag-group swagger JSON files. ## Validation - Ran `bundle exec rails swagger:build`. - Ran `bundle exec rspec spec/swagger/openapi_spec.rb`. - Verified generated swagger JSON includes `secret`, `conversation_typing_on`, and `conversation_typing_off` in the webhook schemas. --------- Co-authored-by: Syed Muhammad Bilal <sdmhbilal@users.noreply.github.com> Co-authored-by: Sojan Jose <sojan@pepalo.com>	2026-05-22 16:10:17 +05:30
..
create_update_payload.yml	fix(openapi): document webhook secret in API schema (#14199 )	2026-05-22 16:10:17 +05:30

Syed Muhammad Bilal b9757447a8

fix(openapi): document webhook secret in API schema (#14199 )

Fixes #13862

Updates the webhook OpenAPI schema to match the current API behavior for
webhook secrets and supported subscription events.

## Why

Current source already creates per-webhook secrets, returns `secret`
from the account webhook API, and uses that secret to sign outbound
webhook requests with `X-Chatwoot-Signature`.

The OpenAPI schema was behind that contract:
- `components.schemas.webhook` did not include the returned `secret`
field.
- Webhook subscription enums did not include the typing events that are
already available in the dashboard webhook form and handled by
`WebhookListener`.

## What this change does

- Documents `secret` on the webhook response schema.
- Documents the outbound webhook signing headers associated with
`secret`: `X-Chatwoot-Timestamp`, `X-Chatwoot-Signature`, and
`X-Chatwoot-Delivery`.
- Adds `conversation_typing_on` and `conversation_typing_off` to webhook
subscription enums.
- Regenerates the main and tag-group swagger JSON files.

## Validation

- Ran `bundle exec rails swagger:build`.
- Ran `bundle exec rspec spec/swagger/openapi_spec.rb`.
- Verified generated swagger JSON includes `secret`,
`conversation_typing_on`, and `conversation_typing_off` in the webhook
schemas.

---------

Co-authored-by: Syed Muhammad Bilal <sdmhbilal@users.noreply.github.com>
Co-authored-by: Sojan Jose <sojan@pepalo.com>

2026-05-22 16:10:17 +05:30

create_update_payload.yml

fix(openapi): document webhook secret in API schema (#14199 )

2026-05-22 16:10:17 +05:30