Community Forum

Ask a Question

Event webhook call digests not matching causing failed attempts

We are getting an issue on the webhook calls, where some requests are being authorized successfully and others not. We have determined that the issue occurs due to the request signature being passed in the request header from Root not matching the digest we generate on our end. This only happens sometimes, not constantly. We do have sample data if you need (not added due to sensitivity). On our end we consistently generate the digest in the same way for all incoming requests: 1. We take the incoming JSON object and serialize it to a raw JSON string. 2. We then create a HMACSHA1 with the webhook secret. 3. We compute the hash of the HMACSHA1 with the request body string (step 1), and convert it to a lowercase hex string, which gives us our digest. 4. We compare the digest to the request signature to determine if a request is Authorized. This appears to be an issue with how the digests are being calculated when the calls are made from the Root back-end. This is happening in production often and in the sandbox much less so. Any idea what this issue could be?
ANSWERED

Prepopulating application schema data

Hi, After capturing the quote, I have the following (truncated) response from the `getQuote` hook: ```json { "quote_package_id": "115f1f1f-0870-49a6-8580-1197f1efb3d2", "package_name": "OneSpark Essential Funeral", "input_data": { "commencement_date": "2023-04-01T00:00:00.000Z" }, "product_module_definition_id": "b5389a08-94a2-4ed9-a9f9-7abe6d07668f" } ``` On the application schema page (the page after the policyholder page). I'm trying to prepopulate the `commencement_date`. The relevant schema excerpt below: ```json { "key": "commencement_date", "type": "date-picker", "label": "Cover Start Date *", "outputPath": "commencement_date", "validators": [ { "validation": { "type": "required" } } ] }, ``` The way I'm interpreting the docs [here](https://docs.rootplatform.com/docs/schemas-overview#prefilling-schema-inputs) is that the `input_data` object should make the page prepopulate the commencement date, but this is not working. The only time the mechanism seems to be working is when I navigate back after capturing the application fields, but then the `input_data` is set on the application, and not coming from the quote anymore. Please advise. Thanks
ANSWERED

Policy not_taken_up webhook

Is doesn't look like there are any webhook events (not a not_taken_up, policy_updated or anything else) triggered when a policy's status is set to not_taken_up - is this correct? If so, can we log a request to have a webhook event for when a policy is set to ntu?
ANSWERED

Payment Create API :: What Events Are Triggered

Good day We have started using the new [payments API](https://docs.rootplatform.com/reference/create-payment) What is not clear is what events fire off of the different permutations of the payment object sent through successfully. What events/communications are fired for the following? 1. payment_type 1. premium_type 1. collection_type Do we need to use collection_type = debit_order_* to fire off the debit order comms? * If we do use a debit_order_* type other than comms are there any other things that happened (bear in mind this is for a payment being fed in where the product module is configured to external payments)?

Mocking the 'root' object?

Hi, In our unit-testing-code.js, we're trying to test some code which accesses a datastore, as in the example: `await root.dataStores.store('data_store_key').find();` Unfortunately, the `root` object is always undefined. Am I failing to setup the test correctly? Thanks

status_updated_at field

Hi, When [this](https://docs.rootplatform.com/docs/actions#mark-policy-not-taken-up) action occurs, can you confirm whether the `status_updated_at` field on the policy will be updated to the date of the event? We have an example of an event where this is not the case. The issue on our side (consuming the `policy_updated` event via a webhook) is that we don't know whether that status was updated at the time of the event of previously some time in the past. Thanks

Scheduled root export

Hi team I am trying to setup a scheduled report to upload onto an SFTP. I have done this in the past and it has worked. For one of my reports I am getting this error. Please can you assist. sftpConnect: client-socket error. Address lookup failed for host sftp.italkholidings.co.za I have checked and the address is correct.
ANSWERED

Policy Document Helpers

Good day We see that a new feature has been released to allow sending of a policy document URL via a handlebars helper: <https://docs.rootplatform.com/docs/handlebars-helper-reference#policy-document-helpers> We wanted to understand it before we start exploring it Can you please advise on these questions: 1. `Enable/Disable:` Do we need to enable it somewhere or ask Root support to? If we need to enable it how do we do this? 2. `Access:` once the document has been opened once can it be accessed again? 3. `Security:` is the only security the client's ID number or is there some sort of challenge response mechanism every time they open it? Is there a way to configure this? 4. `URL:` do we need to shorten the URL or is this handled already by using the helper? 5. `Product/Policy number and other variables in the name:` Do we need to target a specific product? Looking at a recent change after running the Root cli seems to have added some sort of policy number to the policy doc name in the Root config 6. `Notification:` What does this notification look like? The above docs mention a notification, not really sure if this is intended for the client or the insurer 7. `Revoke access:` is there a way to expire the link once it has been sent out? 8. `Cancelled/NTU:` can policies in an NTU/cancelled state still have their documentation accessed? Are there any other restrictions preventing access? 9. `Terms Document:` can terms be exposed this way (the docs don't mention it)? If so what value do we use? If not are there plans to expose this? 10. `Hook:` is there a webhook for this? 11. `Testing:` given there are only notifications in prod, what is the best way to test this feature?
ANSWERED

Payments API: How to specify finalized_at

Good day We see example payment responses where there is a field called `finalized_at`. The create-async and update-async payment apis make no mention of this field. How would we specify this field?
ANSWERED

Requote alteration

Hi, Is there a way to customize the requote alteration hook? I want to validate whether the policy being requoted has a specific field already present, and if so, requoting should not be allowed to continue. I see a lot of documentation mention the old deprecated requote hook, but none describing the new Requote alteration. Thanks