A cyclic execution issue was identified in the webhook service when the webhook destination was set to the Authvia Trigger API to create a business process, and the webhook type was configured as business_process:create or business_process:update. This document details the implemented solution to prevent infinite loops by introducing an origin header and execution checks.

Problem

1. When a business process is created or updated, it triggers the webhook to receive business process create or update events.
2. Suppose the webhook's destination is the Authvia Trigger API URL configured to create a business process. In that case, the webhook initiates a call to that destination, creating a new business process.
3. This new business process creation triggers the webhook again, leading to an endless loop of webhook executions on business process creation or update events.

Solution

1. Each service invocation now includes a unique identifier in the request headers.
2. The system checks if the unique ID originated from the current service URL.
3. If the unique ID is detected as originating from the current URL, the process halts to prevent recursive calls.

Additional Updates

• autoDisableField Addition (2024-12-02) : Introduced the autoDisable field to enhance validation when creating webhooks for merchants.
• Trigger Existence Validation (2024-12-13): Implemented validation to ensure the existence of a trigger for a merchant when the destination URL is set to Authvia Trigger.

These measures enhance system stability and prevent unintended recursive executions.

https://developer.authvia.com/v3.3/reference/create-webhook-subscription