Developers can use the new requirements type 'webhooks' in their requirements.json file. These requirements work similarly to other types of apps requirements.

What's changing?

Unlike targets, webhooks created by apps requirements can be edited and deactivated by admins. This gives admins flexibility to adjust for any issues they may encounter. When editing or deactivating webhooks created by apps in Admin Center, appropriate warnings and labels are present to ensure admins understand that their changes could affect the app's functionality. It's also important to note that any updates made by the app developer will override any manual changes to webhooks that admins have made.

Additionally, developers can specify a secret signing key for webhooks created by apps requirements. Secret keys defined this way can't be viewed or reset by account admins. Allowing app developers to define webhook secret signing keys enables them to validate a single signing secret when receiving webhooks to their server.

What do I need to do?

In most cases, developers should be able to remove their 'targets' requirement and add a 'webhooks' requirement. Then, when the app is updated, the target will be deleted and a webhook will be created and linked to any triggers that were also created.

Note that some customers who have installed these apps may have connected non-app-associated triggers with the old target. These users could be affected if the target is deleted because the trigger won't be linked to the newly created webhook unless that is specified in the requirements.

If you have questions or feedback, post it in the Zendesk Apps Framework (ZAF) community.