...
Webhooks are one of the many ways to receive events from Azure Event Grid.
When a new event is ready, Event Grid service POSTs an HTTP request to the configured endpoint with the event in the request body.
Event Grid requires you to prove ownership of your Webhook endpoint before it starts delivering events to that endpoint.
Azure infrastructure automatically handles this validation for these services:
Azure Logic Apps with Event Grid Connector
Azure Automation via webhook
Azure Functions with Event Grid Trigger
If you're using any other type of endpoint, such as an HTTP trigger based Azure function, your endpoint code needs to participate in a validation handshake with Event Grid.
Synchronous handshake: the data portion of this event includes a
validationCode
property.Your application verifies that the validation request is for an expected event subscription, and returns the validation code in the response synchronously.
Asynchronous handshake: Event Grid supports a manual validation handshake.
Event Grid sends a
validationUrl
property in the data portion of the subscription validation event.To complete the handshake, find that URL in the event data and do a GET request to it.
The provided URL is valid for 5 minutes. During that time, the provisioning state of the event subscription is
AwaitingManualAction
.
Code Block |
---|
[{
"id": "135b3c37-5c5b-4019-8509-a3b9c5bbb129",
"topic": "/subscriptions/dd4a7b94-2399-46fc-b2e9-a6ac4ad9fb56/resourceGroups/az204-evgrid-rg/providers/microsoft.eventgrid/topics/az204-egtopic-888382",
"subject": "",
"data": {
"validationCode": "3747BBE8-BEA3-452F-AA7F-16BA33288B99",
"validationUrl": "https://rp-eastus.eventgrid.azure.net:553/eventsubscriptions/az204viewersub/validate?id=3747BBE8-BEA3-452F-AA7F-16BA33288B99&t=2022-02-06T21:29:08.4932495Z&apiVersion=2020-10-15-preview&token=EpJAnYMDBQV5DBZCRdNf114A4%2fNzRfEt1jV0dkUGX8s%3d"
},
"eventType": "Microsoft.EventGrid.SubscriptionValidationEvent",
"eventTime": "2022-02-06T21:29:08.4932495Z",
"metadataVersion": "1",
"dataVersion": "2"
}] |
To prove endpoint ownership, echo back the validation code in the validationResponse
property, as shown in the following example:
Code Block |
---|
{
"validationResponse": "3747BBE8-BEA3-452F-AA7F-16BA33288B99"
} |
you can manually validate the subscription by sending a GET request to the validation URL.
The event subscription stays in a pending state until validated.
The validation Url uses port 553. If your firewall rules block port 553 then rules may need to be updated for successful manual handshake.