Server Webhooks
User Permissions API
To efficiently manage access to email template and its different parts in the editor, Stripo has implemented a webhook designed to externally retrieve permissions for a specific user to interact with the email template. To process requests from Stripo, you will need to implement an API according to this specification.
OpenAPI Specification
openapi: 3.0.3
info:
title: Stripo User Permissions API
version: 0.1.0
servers:
- url: YOUR_USER_PERMISSIONS_CHECKER_URL
paths:
/:
get:
operationId: getUserPermissionsForEmail
parameters:
- in: header
name: ES-PLUGIN-UI-DATA
required: true
schema:
type: string
description: Content of metadata param that was passed during editor initialization
- in: header
name: Cookies
required: true
schema:
type: string
description: Browser cookies
responses:
200:
description: User permissions for email
content:
application/json:
schema:
$ref: '#/components/schemas/UserPermissions'
security:
- basicAuth: []
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
schemas:
UserPermissions:
type: object
properties:
codeEditor:
type: object
$ref: '#/components/schemas/UserPermissionValue'
appearance:
type: object
$ref: '#/components/schemas/UserPermissionValue'
content:
type: object
$ref: '#/components/schemas/UserContentPermissionValue'
modules:
type: object
$ref: '#/components/schemas/UserPermissionValue'
versionHistory:
type: object
$ref: '#/components/schemas/UserPermissionValue'
UserPermissionValue:
type: object
properties:
read:
type: boolean
description: Is allowed to read
example: true
write:
type: boolean
description: Is allowed to write/manage
example: false
UserContentPermissionValue:
type: object
properties:
read:
type: boolean
description: Is allowed to read
example: true
write:
type: boolean
description: Is allowed to write/manage
example: false
textOnly:
type: boolean
description: Is allowed to edit only text
example: falseEmail Resources Permissions API
The Email Resources Permissions API ensures that only authorized users have the rights to edit email resources such as modules and images in your application. This feature helps prevent unauthorized access and ensures that the Stripo Plugin performs server-side operations only with your permission. To enable this feature, you need to implement the following backend endpoint on your server.
OpenAPI Specification
openapi: 3.0.3
info:
title: Stripo User Resources Permissions API
description: API for checking and granting permissions.
version: 0.1.0
servers:
- url: YOUR_RESOURCE_PERMISSIONS_CHECKER_URL
paths:
/:
post:
summary: Check and grant permissions
security:
- basicAuth: []
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/ResourcePermissionsRequest'
responses:
200:
description: Resources permissions
content:
application/json:
schema:
$ref: '#/components/schemas/ResourcePermissionsResponse'
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
schemas:
ResourcePermissionsRequest:
type: object
properties:
pluginId:
type: string
description: ID of the plugin requesting permissions
example: YOUR_PLUGIN_ID
uiData:
type: object
description: The value of 'metadata' field from editor initialization parameters
additionalProperties:
type: string
requestPermissions:
type: array
description: Array of permissions that plugin requests
items:
$ref: '#/components/schemas/ResourcePermission'
required:
- pluginId
- uiData
- requestPermissions
ResourcePermission:
type: object
properties:
type:
type: string
description: Operation subject. Supported values - BLOCKS, DOCS
example: BLOCKS
action:
type: string
description: Operation type. Supported values - READ, MODIFY
example: READ
key:
type: string
description: Key identifier that was configured in plugin settings with filled values
example: pluginId_YOUR_PLUGIN_ID_emailId_123_id_456
keyTemplate:
type: string
description: Key identifier that was configured in plugin settings
example: emailId_${emailId}_id_${someAnotherIdentifier}
ResourcePermissionsResponse:
type: object
properties:
grantPermissions:
type: array
items:
$ref: '#/components/schemas/ResourcePermission'Email Change Notification API
The Email Change Notification API allows you to receive information about the time and author of each autosave for security and atomic integrity purposes during simultaneous editing. This webhook needs to be specified in the plugin settings to function correctly.
To ensure that the webhook functions correctly, you need to specify an endpoint in the plugin settings that meets the following specifications.
OpenAPI Specification
openapi: 3.0.1
info:
title: Stripo Notification API
version: '0.1.0'
servers:
- url: YOUR_EMAIL_CHANGE_NOTIFICATION_URL
paths:
/:
post:
description: Handle email notification of changes info
operationId: handleEmailChanged
security:
- basicAuth: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SaveRequest'
required: true
responses:
'200':
description: Successful response
content:
application/json:
schema:
type: object
nullable: true
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
schemas:
SaveRequest:
type: object
required:
- emailId
- userId
- updatedTime
properties:
emailId:
type: string
userId:
type: string
dateTime:
type: integer
format: int64