Skip to main content
All CollectionsCustomer Learning Cloud Integrations (Customer Learning Cloud)
Setting up Webhooks (Academies)
Setting up Webhooks (Academies)

Customer Learning Cloud: Subscribe to events that happen in your Academy

Support avatar
Written by Support
Updated over a month ago

WorkRamp’s Customer Learning Cloud supports webhooks to enable our customers to connect their other tools to help make learning management more seamless. Keeping your systems in sync and automating routine tasks is crucial. Webhooks are automated messages sent from your Customer LMS instance to other tools and platforms whenever a specific event occurs, like a user completing an assignment or new user registration.

From the Webhooks page, you can select “Add Webhook” and complete the setup by naming the connection, entering your endpoint URL and selecting the Events you want to subscribe to.

CLC Events Available:

  • Content Completion: Certification - When a learner completes a certification

  • Content Completion: Guide - When a learner completes a guide

  • Content Completion: Path - When a learner completes a path

  • Content Completion: Resource - When a learner completes a Resource

  • Content Completion: SCORM - When a learner completes a SCORM

  • Content Enrollment: Certification - When a learner enrolls in a certification

  • Content Enrollment: Guide - When a learner enrolls in a guide

  • Content Enrollment: Path - When a learner enrolls in a path

  • Content Enrollment: SCORM - When a learner enrolls in a SCORM

  • Content Enrollment: Resource - When a learner enrolls in a Resource

  • User Registration - When a learner registers for a Hub

Once you have selected the Event(s) you need to subscribe to for this connection, click “Add.” For any current webhook, you can delete or edit this connection from the Webhooks page. The setup is now complete and as users complete these events, data will be triggered to send to your 3rd party tool.

Developers Documentation Link

To set up webhooks, head over to our API Documentation to get started.

Verifying Requests from WorkRamp

WorkRamp sends an X-WorkRamp-Signature in the HTTP header of each webhook request. This signature can be used to verify that the data was sent by WorkRamp and not another source.

We can do this check by rebuilding the expected signature using our known signing secret and comparing it with the signature provided in the request. If the signatures match, the request is confirmed to have originated from WorkRamp.

Steps to Validate the Request

  1. Retrieve the Signing Secret
     Obtain the Signing Secret from your WorkRamp admin page.

  2. Extract the Timestamp
     Retrieve the timestamp from the X-WorkRamp-Request-Timestamp header.

*You can also use this timestamp to protect against replay attacks. If it's not within 5 minutes of your local time, it could possibly be a replay attack so we can ignore the request.

3. Create the Base String
 Construct the base string by concatenating the version number (v0), the timestamp, and the request body, separated by colons (:):

version_number = 'v0'

sig_base_string =

"#{version_number}:#{timestamp}:#{request_body}"


4. Generate the expected signature
 Compute the hash of the base string using HMAC-SHA256 with the signing secret as the key. Take the hexadecimal digest of the hash:

expected_signature =

"#{version_number}=#{OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), signing_secret, sig_base_string)}"


5. Compare Signatures
 Compare your generated signature (expected_signature) with the signature from the X-WorkRamp-Signature header. If they match, the request is verified as coming from WorkRamp.

request_signature = request.headers['X-WorkRamp-Signature']

if my_signature == request_signature

# The request is verified

else

# The request is invalid

end

If you have any questions, please reach out to us at support@workramp.com or leverage your chat window in the bottom right-hand corner of your screen.

Did this answer your question?