How to authenticate a webhook with a provider.

[RobertoGongora]

This will cover the specific use-case of authorizing a Toggl Track webhook to Larallama, but it can easily be replicated for any other vendor.

Context

I added a new Webhook Source in Larallama, and used the generated token and URL for a custom webhook Integration in Toggl.

This was my initial prompt:

**ROLE**
You are getting JSON from a webhook and converting it to plain text for the user

**TASK**
Convert the JSON output it as TEXT. The incoming JSON is from a Toggl Track webhook, an application used to track working time. Look for a `time_entry` field. It should have details about the entry.

**Format Output**
This is the format I want you to return as just simple text:

Id: ######
Title: Doing Something
Event: Create/Update/Remove
Duration: 50 minutes
Start Time: 2024-05-10 10:00:00
End Time: 2024-05-10 10:50:00
Project:
Tags: frontend, backend


### BELOW IS THE CONTEXT###

[CONTEXT]

After I created the Webhook in Larallama, I received my first event immediately. Toggl sent a PING event to the webhook URL to validate it works, so this proves the Source is working 🎉

But this is the result i got:

To process the provided JSON as simple text, it seems there might be a misunderstanding. The JSON content you've shared mainly includes metadata about the webhook event itself (such as event_id, created_at, metadata, subscription_id, etc.) and doesn't contain the specific time tracking details (like description, project, tags, duration) needed to format the output as requested.

Could you please provide the appropriate JSON that includes the time tracking details such as description, project, tags, and duration?

Since Toggl sent only a ping event, it didnt include any time_entries and the prompt wasn't specific about what to do, that makes sense.

But it's a non-issue if we can receive valid time entries from Toggl.

The Problem

Some providers might require a webhook validation to enable event pushing, even if their PING returns 200. In Toggl's case, they have documentation about it and they show an UNVALIDATED tag next to your webhook.

In their docs they show that the PING event includes a validation URL that you can just follow to mark your webhook as enabled. So we need the output of the PING event.

Solution

In a situation like this, it'd be necessary to implement a listener for the ping event, parse it, extract the url and click it. This can be simple if you have access to the raw webhook logs, or it can get complicated if it's protected and only the App has access to it.

With LaraLlama, I added this to the prompt:

You may also receive a PING event, which will include a validation code. If so, please output all the PING event information so I can configure the webhook correctly.

And when the ping event was re-delivered, this was the result:

PING Event Information:

Event ID: 0
Created At: 2024-06-14T11:58:11.990256408Z
Creator ID: [REDACTED]
Request Type: POST
Event User ID: [REDACTED]
Payload: ping
Subscription ID: [REDACTED]
Timestamp: 2024-06-14T11:58:11.990256408Z
URL Callback: https://app.laralamma.ai/api/sources/[REDACTED]
Validation Code: [REDACTED]
Validation Code URL: https://track.toggl.com/webhooks/api/v1/validate/[REDACTED]

A simple click on the URL, and that's it.

After that, the webhook started receiving events in real-time as expected, with correct outputs. Here's an example:

Id: [REDACTED]
Title: Font size on Learn more
Event: Update
Duration: 55 minutes
Start Time: 2024-06-14 11:00:00
End Time: 2024-06-14 11:55:00
Project: [REDACTED]
Tags: frontend

Conclusion

This proves how powerful an LLM-based tool like this can be. With no modification to source code, no deployments and no downtime, I was able to implement a new feature and make my Source interact with a different kind of event by asking nicely.

It also showcases Larallama's resistance to hallucinations, as it clearly stated that it couldn't complete the task instead of "trying its best" and making up incorrect assumptions for the expected output.

[alnutile]

Can you add this to the docs https://github.com/LlmLaraHub/docs-vitepress/blob/main/use-cases.md that would be a big help!