🚧
Additional Fees Apply

Webhook Overview

A lightweight webhook on the Corrigo Sync platform, allowing for an integration administrator to set which events to listen for and set the webhook URL endpoint for the data to be shared. This solution is designed to enable client development teams to build a self-serve integration that relies on Corrigo system events for a real-time bi-directional workflow.

The Corrigo Webhook requires both API provisioning for the applicable database and a subscription to the Corrigo Sync platform. Contact your account representative for details on implementation.

Visit JLLT University for more information on Corrigo Sync

Corrigo Webhook Configuration

Event Subscriptions

Select Categories of subscriptions by checking the box next to the module. Next select the specific trigger(s) for the subscription.

Clicking the blue Info icon on each module will open a dialogue box with a sample payload for that module. Each module has a specific payload structure indexed to the base object. All entities and field definitions may be found in the Data Model of Entities section of the Corrigo Developer site.

Available Events

Enter the URL for all transactions in this webhook subscription to be sent. Signing Key is a client defined string (max of 64 characters) used as a shared secret for the HMAC authentication process

Event Category	Event Category Description
Work Order Updates	Create Pick Up (Accept/Acknowledge) Start (Check-In) Stop (Check-Out) On Hold Re-Open Cancel Complete Verified Assigned/Re-Assigned Attention (Flagged) Flag Cleared Schedule Start Date Updated
Work Order Estimate	Estimate Rejected Estimate Approved
Work Order Costs	Vendor Invoice Status Changed Internal Costs Status Changed
Work Order Note	WO Note is added
Work Order Attachment	Attach document to Work Order

Sample Payload for Work Order Updates

{
    "Entities": [
        {
            "Data": {
                "Number": "SBG00001",
                "TypeCategory": "Request",
                "WorkOrderCost": {
                    "Id": 1022288
                },
                "Priority": {
                    "Id": 3
                },
                "StatusId": "Completed",
                "Access": "NotApplicable",
                "MainAsset": {
                    "Id": 518770
                },
                "ShortLocation": "Services",
                "TaskRefinement": "HVAC Services:Air Conditioning/Heater Repair (non-emergency)",
                "WorkZone": {
                    "DisplayAs": "South Beverly Grill",
                    "Number": "southbevgrill",
                    "CustomFields": [
                    ],
                    "ConcurrencyId": 3,
                    "Id": 449
                },
                "Employee": {
                    "DisplayAs": "Test McTesterson",
                    "ActorTypeId": "Employee",
                    "Number": "",
                    "ConcurrencyId": 10,
                    "Id": 3708
                },
                "Duration": 0,
                "VendorNte": {
                    "CurrencyTypeId": "USD",
                    "Value": 0.0
                },
                "Specialty": {
                    "DisplayAs": "HVAC",
                    "WONServiceId": 12,
                    "Instructions": "",
                    "IsNteAuto": true,
                    "IsRemoved": false,
                    "ConcurrencyId": 5,
                    "Id": 10001
                },
                "PoNumber": "323727857",
                "SubType": {
                    "DisplayAs": "Request",
                    "TypeId": "Request",
                    "ConcurrencyId": 5,
                    "Id": 259
                },
                "Customer": {
                    "Name": "South Beverly Grill",
                    "TenantCode": "sbg102",
                    "CustomFields": [
                        {
                            "Descriptor": {
                                "Name": "SC Location Number",
                                "ConcurrencyId": 1,
                                "Id": 434
                            },
                            "Value": "102",
                            "Id": 663242
                        }
                    ],
                    "ConcurrencyId": 5,
                    "Id": 776
                },
                "ContactName": "",
                "WonId": 0,
                "IsWarranty": false,
                "Flag": {
                    "DisplayAs": "New or Missing Equipment",
                    "ActionId": "Attention",
                    "ConcurrencyId": 1,
                    "Id": 3340
                },
                "FlagId": 3340,
                "TimeZone": 4,
                "CurrencyTypeId": "USD",
                "LastActionDate": "2025-09-11T15:22:05.92",
                "DtCreated": "2025-08-28T06:20:40.16",
                "DtDue": "2025-09-04T06:20:00",
                "DtAcknowledgeBy": "2025-08-29T06:20:00",
                "AcknowledgeByUtc": "2025-08-29T13:20:00",
                "LastActionDateUtc": "2025-09-11T22:22:05.92",
                "CreatedDateUtc": "2025-08-28T13:20:40.16",
                "DueDateUtc": "2025-09-04T13:20:00",
                "DtOnSiteBy": "2025-08-29T06:20:00",
                "DtUtcOnSiteBy": "2025-08-29T13:20:00",
                "LastAction": {
                    "Id": 1022288,
                    "LastAction": {
                        "TypeId": "Complete",
                        "Actor": {
                            "Id": 1,
                            "TypeId": "Employee"
                        },
                        "ActionDate": "2025-09-11T15:22:05.92",
                        "Comment": "Completion note",
                        "SystemDateUtc": "2025-09-11T22:22:05.92",
                        "Id": 8174542
                    }
                },
                "Items": [
                    {
                        "Asset": {
                            "Name": "HVAC Services",
                            "Attributes": [
                                {
                                    "Descriptor": {
                                        "Name": "JACS ID",
                                        "ConcurrencyId": 129,
                                        "Id": 10155
                                    },
                                    "Value": "ABC123",
                                    "ConcurrencyId": 1,
                                    "Id": 5944125
                                }
                            ],
                            "Id": 518772
                        },
                        "Task": {
                            "DisplayAs": "Air Conditioning/Heater Repair (non-emergency)",
                            "ConcurrencyId": 1,
                            "Id": 33897
                        },
                        "Comment": "",
                        "ConcurrencyId": 1,
                        "Id": 1090522
                    }
                ],
                "Notes": [
                    {
                        "CreatedDate": "2025-08-28T06:20:42",
                        "Body": "Service Request has been dispatched to LF Incorporated LLC via lfalways1776@gmail.com with USD 1000.00 NTE.",
                        "WorkOrderId": 1022288,
                        "NoteTypeId": "Public",
                        "CreatedBy": {
                            "Id": 3702,
                            "TypeId": "Employee"
                        },
                        "Id": 991149
                    }
                ],
                "CompletionNote": {
                    "CreatedDate": "2025-09-11T15:20:35",
                    "Body": "Completion note",
                    "WorkOrderId": 1022288,
                    "NoteTypeId": "Completion",
                    "CreatedBy": {
                        "Id": 1,
                        "TypeId": "Employee"
                    },
                    "Id": 991150
                },
                "Documents": [
                    {
                        "Description": "",
                        "Title": "singer",
                        "StartDate": "2025-08-29T00:00:00",
                        "UpdatedDate": "2025-08-29T10:43:47",
                        "IsShared": true,
                        "IsPublic": false,
                        "DocUrl": "https://enterpriseam.s3.amazonaws.com/10721/4693ceb5-e877-4eb9-8032-efe2bac32cae/singer.jpg",
                        "MimeType": "image/jpeg",
                        "UpdatedBy": {
                            "Id": 1,
                            "TypeId": "Employee"
                        },
                        "ConcurrencyId": 1,
                        "Id": 262805
                    }
                ],
                "CustomFields": [
                    {
                        "Descriptor": {
                            "Name": "SC Equipment",
                            "ConcurrencyId": 1,
                            "Id": 427
                        },
                        "Value": "ELEVATOR/ESCALATOR / HVAC / / HVAC Services / Test",
                        "Id": 684464
                    },
                    {
                        "Descriptor": {
                            "Name": "SC Problem Code",
                            "ConcurrencyId": 1,
                            "Id": 428
                        },
                        "Value": "HVAC Services",
                        "Id": 684465
                    },
                    {
                        "Descriptor": {
                            "Name": "SC Tracking #",
                            "ConcurrencyId": 1,
                            "Id": 429
                        },
                        "Value": "323727857",
                        "Id": 684466
                    },
                    {
                        "Descriptor": {
                            "Name": "SC Trade",
                            "ConcurrencyId": 1,
                            "Id": 430
                        },
                        "Value": "HVAC",
                        "Id": 684467
                    },
                    {
                        "Descriptor": {
                            "Name": "SC Category",
                            "ConcurrencyId": 1,
                            "Id": 431
                        },
                        "Value": "REPAIR",
                        "Id": 684468
                    }
                ],
                "CheckInOuts": [
                    {
                        "EmployeeId": 3708,
                        "DtCheckIn": "2025-08-29T11:11:06",
                        "InCheckTypeId": "Gps",
                        "InStatusId": "Invalid",
                        "DtCheckOut": "2025-08-29T11:11:28",
                        "OutCheckTypeId": "Gps",
                        "OutStatusId": "Invalid",
                        "ConcurrencyId": 2,
                        "Id": 519765
                    }
                ],
                "InductionAndSafetyStatusID": "NotApplicable",
                "Score": 0,
                "TravelTimeFrom": 0,
                "TravelTimeTo": 0,
                "ConcurrencyId": 12,
                "Id": 1022288
            }
        }
    ],
    "ActionType": "Create",
    "ActionDate": "2021-04-28T07:13:05.05"
}

Settings

Enter the URL for all transactions in this webhook subscription to be sent. Signing Key is a client defined string (max of 64 characters) used as a shared secret for the HMAC authentication process

HMAC Authentication

Purpose

The X-Webhook-Signature header contains a cryptographic signature that proves the authenticity of the webhook request. This header is automatically added to every webhook request sent from the Corrigo Sync integration.

What It Contains

Without validating this signature, your endpoint would have no way to verify that:

The request actually came from Corrigo Sync (and not a malicious third party)
The payload hasn't been altered during transmission
The request is current and not a replay of an old legitimate request

By validating the signature, you ensure that only authorized webhook requests are processed by your system.

Step-by-Step Validation Process

Prerequisites

Before implementing webhook signature validation, ensure you have:

The shared HMAC Signing Key - the same secret key configured in the Corrigo integration settings
HMAC-SHA256 capability - Your platform must be able to compute HMAC-SHA256 hashes
Access to raw request body - Your implementation must be able to read the raw, unparsed request body
The signature header name - By default X-Webhook-Signature

Extract the Signature from the Request Header

Read the signature value from the HTTP header (default: X-Webhook-Signature). If the header is missing, reject the request immediately as it indicates an unauthenticated request.

Read the Raw Request Body

Capture the complete, raw request body as a string exactly as received. This is critical - the signature is computed against the raw JSON string, not the parsed data structure. Do not parse or modify the body before validation.

Compute Your Own Signature

Using your stored copy of the HMAC secret, compute the HMAC-SHA256 signature of the raw request body:

Convert both the secret and request body to UTF-8 byte arrays
Compute the HMAC-SHA256 hash using the secret as the key and the body as the message
Encode the resulting hash to Base64 format

Compare Signatures

Compare the signature you received in the header with the signature you just computed. The signatures must match exactly.

Handle the Validation

If signatures match: The request is authentic - proceed to process the webhook data

If signatures don't match: The request is unauthorized - reject it

NOTE: clicking Save in each section of the Settings page will invoke a network and login test using the data entered. A successful Save means the connection can be made and all information is validated. An error means one or more of the data points is incorrect or invalid