Report Filing Service

<back to all web services

CreateWebhookSubscriptions

CreateSubscriptionsWebhooksSync

Represents a request to create webhook subscriptions from a user tax number, account ID and webhook events.

Requires Authentication
The following routes are available for this service:
POST/sync/webhooks/subscriptions/create
CreateWebhookSubscriptionsBase Parameters:
NameParameterData TypeRequiredDescription
NameformstringNoThe name of the subscription.
AuthSteuernummerformstringYesThe BZSt (Bundeszentralamt für Steuern) - tax number of the user. 11-character text field that may only consist of two capital letters and 9 digits (0-9). The fiscal authority BZSt provides this number during registration at the BOP (BZSt-Online Portal - https://www.elster.de/bportal/start). The number is available in the private area of the BOP user account under "My BOP" under the "Registration Information"
AccountIdformstringYesThe account identifier of a BZSt-Online Portal (BOP) user. 10-character text field that may only contain numbers (0-9).
EventsformList<string>YesThe names of the subscribed events. .A subscriber can subscribe to more than one event.
UrlformstringYesThe callback URL to be called when an "event" of a certain type is going to be raised.
ContentTypeformstringNoThe MIME type of content pushed to the recipient service e.g. application/json
SecretformstringYesA random Base64-encoded secret key (8 or more characters) to sign and authenticate messages from webhook endpoints. .When receiving a webhook event in your subscribers service, calculate the HMAC signature of the request body using this secret. Compare the calculated signature with the signature included in the "X-Hub-Signature" header of the web hook event. If the signatures do not match, then disregard it, and don't process the request any further.
PublicKeyXmlformstringYesThe XML-encoded RSA public key to encrypt the secret of the webhook subscription. Note: Only the owner of the key pair (public and private encryption keys) can decrypt the encrypted secret with the private key! Encryption algorithm: RSA with OAEP-SHA256 padding.

To override the Content-type in your clients, use the HTTP Accept Header, append the .jsv suffix or ?format=jsv

HTTP + JSV

The following are sample HTTP requests and responses. The placeholders shown need to be replaced with actual values.

POST /sync/webhooks/subscriptions/create HTTP/1.1 
Host: reportfiling.pwc.de 
Accept: text/jsv
Content-Type: text/jsv
Content-Length: length

{
	name: String,
	authSteuernummer: String,
	accountId: String,
	events: 
	[
		String
	],
	url: String,
	contentType: String,
	secret: String,
	publicKeyXml: String
}

HTTP/1.1 200 OK
Content-Type: text/jsv
Content-Length: length

[
	{
		subscription: 
		{
			id: String,
			name: String,
			event: String,
			isActive: False,
			createdDateUtc: 0001-01-01,
			createdById: String,
			lastModifiedDateUtc: 0001-01-01,
			config: 
			{
				url: String,
				contentType: String,
				secret: String
			}
		},
		history: 
		[
			{
				attemptedDateUtc: 0001-01-01,
				statusDescription: String,
				statusCode: Continue,
				subscriptionId: String,
				id: String,
				eventId: String
			}
		],
		responseStatus: 
		{
			errorCode: String,
			message: String,
			stackTrace: String,
			errors: 
			[
				{
					errorCode: String,
					fieldName: String,
					message: String,
					meta: 
					{
						String: String
					}
				}
			],
			meta: 
			{
				String: String
			}
		}
	}
]
© 2020 - 2023 PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft.
PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details. Portions of this program may use third-party open source components governed by the respective open source license terms.