Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/ShohjahonSohibov/repo-for-agent/llms.txt

Use this file to discover all available pages before exploring further.

UpdaterAgent acts as a webhook receiver for two external systems: QuickManage (TMS) and Nylas (email). The QuickManage webhook endpoint is publicly accessible but protected with HMAC-SHA256 signature verification using a shared secret — no JWT is required because QuickManage initiates the request. Subscriptions to QuickManage are managed via a dedicated controller and are automatically renewed every 48 hours by a background job. This page also covers the UTrackin ELD integration and the manual QuickManage import triggers.

QmWebhookController — /api/qm-webhook

POST /api/qm-webhook

Receive incoming webhook events from QuickManage. This endpoint requires no JWT authentication — QuickManage signs each request with an HMAC-SHA256 digest instead. Authentication: None (HMAC-SHA256 verified via X-QM-Signature header) Supported events
EventDescription
load.createdA new load was created in QuickManage
load.updatedAn existing load was updated in QuickManage
Request headers
X-QM-Signature
string
required
HMAC-SHA256 hex digest of the raw request body, signed with the shared webhook secret configured in your TMS settings.
Content-Type
string
required
Must be application/json.
Request body
event
string
required
The event type (e.g., load.created, load.updated).
payload
object
required
The event-specific payload containing the load data from QuickManage.
Example payload (load.updated)
{
  "event": "load.updated",
  "payload": {
    "tripNumber": "12345",
    "status": "InTransit",
    "driverId": "qm-driver-guid-abc"
  }
}
HMAC verification UpdaterAgent recomputes the signature on every inbound request. If the computed digest does not match the X-QM-Signature header, the request is rejected with 401 Unauthorized.
Verify signature (example)
echo -n '<raw-request-body>' | openssl dgst -sha256 -hmac '<your-shared-secret>'
Never expose the /api/qm-webhook endpoint without valid HMAC verification. Disabling signature checking would allow any caller to inject arbitrary load events into your system.

QmWebhookSubscriptionController — /api/qm-webhook-subscriptions

Manage your QuickManage webhook subscriptions. A subscription tells QuickManage which URL to send events to. Subscriptions must be renewed periodically — UpdaterAgent does this automatically every 48 hours via the QmWebhookRenewal background job.

GET /api/qm-webhook-subscriptions

List all active QuickManage webhook subscriptions for the current company. Required permission: QmWebhook.View
cURL
curl https://your-domain.com/api/qm-webhook-subscriptions \
  -H "Authorization: Bearer <accessToken>"
Response
{
  "items": [
    {
      "id": 1,
      "callbackUrl": "https://your-domain.com/api/qm-webhook",
      "expiresAt": "2026-05-13T10:00:00Z",
      "events": ["load.created", "load.updated"]
    }
  ]
}

POST /api/qm-webhook-subscriptions

Create a new QuickManage webhook subscription. UpdaterAgent will register the provided callback URL with the QuickManage API. Required permission: QmWebhook.Create
callbackUrl
string
required
The HTTPS URL QuickManage should POST events to (must be publicly reachable).
events
array
required
List of event types to subscribe to (e.g., ["load.created", "load.updated"]).
cURL
curl -X POST https://your-domain.com/api/qm-webhook-subscriptions \
  -H "Authorization: Bearer <accessToken>" \
  -H "Content-Type: application/json" \
  -d '{
    "callbackUrl": "https://your-domain.com/api/qm-webhook",
    "events": ["load.created", "load.updated"]
  }'

PUT /api/qm-webhook-subscriptions/{id}/renew

Manually renew a webhook subscription before it expires. The background job renews subscriptions automatically every 48 hours, but you can trigger a renewal at any time using this endpoint. Required permission: QmWebhook.Update
id
number
required
The subscription ID to renew.
cURL
curl -X PUT https://your-domain.com/api/qm-webhook-subscriptions/1/renew \
  -H "Authorization: Bearer <accessToken>"

DELETE /api/qm-webhook-subscriptions/{id}

Delete a webhook subscription and deregister it from QuickManage. Required permission: QmWebhook.Delete
id
number
required
The subscription ID to delete.
Webhook subscriptions are automatically renewed every 2 days by the QmWebhookRenewal Hangfire background job. You only need to use PUT /{id}/renew manually if a subscription is about to expire and the background job has not yet run.

UTruckInController — /api/utruckin

UTrackin ELD integration operations. Use these endpoints to manually trigger vehicle position imports or verify the ELD connection.

POST /api/utruckin/import-positions

Manually trigger an import of vehicle positions from UTrackin. This is normally handled by the LogisticsCoreImport background job every 25 minutes. Required permission: EldImport.Execute
cURL
curl -X POST https://your-domain.com/api/utruckin/import-positions \
  -H "Authorization: Bearer <accessToken>"

POST /api/utruckin/test-connection

Test the current UTrackin ELD connection using the credentials stored in your ELD settings. Required permission: EldSettings.View
cURL
curl -X POST https://your-domain.com/api/utruckin/test-connection \
  -H "Authorization: Bearer <accessToken>"
Response (success)
{ "success": true, "message": "UTrackin connection verified." }

QuickManageController — /api/quickmanage

Manual import triggers for QuickManage TMS data. These endpoints let you immediately pull data from QuickManage outside the regular 3-hour background import cycle — useful after initial setup or after correcting data in QuickManage. All endpoints require the TmsImport.Execute permission, except test-connection which requires TmsSettings.View.
1

Test the connection

Verify your credentials are valid before triggering an import.
cURL
curl -X POST https://your-domain.com/api/quickmanage/test-connection \
  -H "Authorization: Bearer <accessToken>"
2

Import drivers

Pull the latest driver roster from QuickManage.
cURL
curl -X POST https://your-domain.com/api/quickmanage/import-drivers \
  -H "Authorization: Bearer <accessToken>"
3

Import trucks and trailers

Sync your vehicle fleet.
cURL
curl -X POST https://your-domain.com/api/quickmanage/import-trucks \
  -H "Authorization: Bearer <accessToken>"

curl -X POST https://your-domain.com/api/quickmanage/import-trailers \
  -H "Authorization: Bearer <accessToken>"
4

Import brokers and loads

Pull broker profiles and active loads.
cURL
curl -X POST https://your-domain.com/api/quickmanage/import-brokers \
  -H "Authorization: Bearer <accessToken>"

curl -X POST https://your-domain.com/api/quickmanage/import-loads \
  -H "Authorization: Bearer <accessToken>"
All manual import endpoints
MethodEndpointPermissionDescription
POST/api/quickmanage/import-driversTmsImport.ExecuteImport drivers from QuickManage
POST/api/quickmanage/import-trucksTmsImport.ExecuteImport trucks from QuickManage
POST/api/quickmanage/import-trailersTmsImport.ExecuteImport trailers from QuickManage
POST/api/quickmanage/import-brokersTmsImport.ExecuteImport brokers from QuickManage
POST/api/quickmanage/import-loadsTmsImport.ExecuteImport loads from QuickManage
POST/api/quickmanage/test-connectionTmsSettings.ViewTest the QuickManage API connection
The regular QuickManage background import runs every 3 hours automatically. Manual triggers are provided for on-demand synchronization and initial data bootstrapping.

Build docs developers (and LLMs) love

Get started for freeTalk to us