You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/event-grid/webhook-event-delivery.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -28,11 +28,11 @@ from being told to a push to a destination that isn't expecting the traffic. Whi
28
28
29
29
Delivery targets SHOULD support the abuse protection feature. If a target doesn't support the feature, the sender MAY choose not to send to the target, at all, or send only at a very low request rate.
30
30
31
-
### 4.1. Validation request
31
+
### Validation request
32
32
33
33
The validation request uses the **HTTP OPTIONS** method. The request is directed to the exact resource target URI that is being registered. With the validation request, the sender asks the target for permission to send notifications, and it can declare a desired request rate (requests per minute). The delivery target will respond with a permission statement and the permitted request rate. Here's a couple of the header fields are for inclusion in the validation request.
34
34
35
-
#### 4.1.2. WebHook-Request-Origin
35
+
#### WebHook-Request-Origin
36
36
37
37
The `WebHook-Request-Origin` header MUST be included in the validation request and requests permission to send notifications from this sender, and contains a
38
38
Domain Name System (DNS) expression that identifies the sending system, for example `eventemitter.example.com`. The value is meant to summarily identify all sender
@@ -47,7 +47,7 @@ Example:
47
47
WebHook-Request-Origin: eventemitter.example.com
48
48
```
49
49
50
-
### 4.2. Validation response
50
+
### Validation response
51
51
52
52
If and only if the delivery target does allow delivery of the events, it MUST reply to the request by including the `WebHook-Allowed-Origin` and
53
53
`WebHook-Allowed-Rate` headers. If the delivery target chooses to grant permission by callback, it withholds the response headers.
@@ -59,7 +59,7 @@ handle the HTTP OPTIONS method, it SHOULD respond with HTTP status code 405, as
59
59
The OPTIONS response SHOULD include the `Allow` header indicating the POST method being permitted. Other methods MAY be permitted on the
60
60
resource, but their function is outside the scope of this specification.
61
61
62
-
#### 4.2.1. WebHook-Allowed-Origin
62
+
### WebHook-Allowed-Origin
63
63
64
64
The `WebHook-Allowed-Origin` header MUST be returned when the delivery target agrees to notification delivery by the origin service. Its value MUST either be
65
65
the origin name supplied in the `WebHook-Request-Origin` header, or a singular asterisk character ('\*'), indicating that the delivery target supports
0 commit comments