Webhooks allow you to listen to certain events on Toornament. When one of those events happen, an HTTP POST request is sent to your configured webhook URL.
A webhook is linked to an application. You can find the list of your webhooks on the Applications page.
Example of a webhook{
"name": "My webhook",
"url": "http://toornament.com/webhook",
"enabled": true
}
Example of a subscription
{
"event_name": "registration.info_updated",
"scope": "tournament",
"scope_id": "842693950880972836"
}
First you need to define a webhook (see webhook endpoint).
Each webhook subscription (see subscription endpoint)
has specific scope and scope_id parameters used to limit the entity events the webhook listens to.
The Toornament Webhook API currently support the following webhook scope:
scope_id is the tournament_id.Triggers when a registration is created.
Triggers when information of a registration is updated.
Triggers when a registration status becomes accepted.
Triggers when a registration status becomes refused.
Triggers when a registration status becomes pending.
Triggers when a registration status becomes cancelled.
Triggers when a registration is deleted.
Triggers when a participant is created.
Triggers when information of a participant is updated.
Triggers when a participant is checked in.
Triggers when a participant is checked out.
Triggers when a participant is deleted.
Triggers when a tournament registration process starts.
Triggers when a tournament registration process ends.
Triggers when a tournament check-in process starts.
Triggers when a tournament check-in process ends.
The following information is passed along in the raw body of the post request of the webhook (json encoded):
Example{
"name": "registration.created",
"object_id": "375143143408309123",
"object_type": "registration",
"scope": "tournament",
"scope_id": "842693950880972837",
"triggered_at": "2015-12-31T00:00:00+00:00"
}Event name.
Entity type concerned by the event.
Entity id concerned by the event.
Scope concerned by the event.
Scope id concerned by the event.
Timestamp of the event trigger in seconds.
Format: RFC 3339 (combined date, time and utc offset)
You can retrieve the registration on the organizer registration endpoint. The object_id is the registration_id.
https://api.toornament.com/organizer/v2/tournaments/{scope_id}/registrations/{object_id}You can retrieve the participant on the organizer participant endpoint. The object_id is the participant_id.
https://api.toornament.com/organizer/v2/tournaments/{scope_id}/participants/{object_id}You can retrieve the tournament on the organizer tournament endpoint. The object_id is the same as the scope_id.
https://api.toornament.com/organizer/v2/tournaments/{scope_id}
To ensure your webhook URL is a legit URL, a HTTP HEAD request will be sent with the X-Webhook-Secret header.
To validate your webhook, the response to this request must return a 200 HTTP Response with the same X-Webhook-Secret header.
Save the X-Webhook-Secret header as you will need it for payload validation.
In each HTTP POST webhook, a X-Webhook-Signature header is added to the request to ensure that payload has not been altered.
To validate the body content you need to concatenate the body response with the X-Webhook-Secret header and hash the result with sha256.
The result string must be the same as the X-Webhook-Signature.
If the Toornament servers can not contact the webhook URL, the servers will try to send the data again during the next 24 hours.
So we can not ensure the event payloads will be delivered in the correct order. To prevent any error, we recommend you retrieve the entity concerned by the event to make sure you have its latest state.