Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

How to set secret to secure webhooks using cloud_id/v3/rest api?

Atif Dastgir October 8, 2025

I've connected JIRA in my web app using oauth (have access/refresh tokens) - I'm registering webhooks programatically using this format:

{

  "name": "Test",

  "url": "https://xyz.com/webhooks/jira",

  "webhooks": [

    {

      "jqlFilter": "project = TESTPROJECT",

      "events": ["jira:issue_created", "jira:issue_updated"]

    }

  ],

  "excludeBody": false,

  "secret": "abc"

}

I followed this link to write register logic (https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-webhooks/#api-rest-api-3-webhook-post). The webhook registers and I get events without any signature.

 

I'm not getting any header signature when I receive event. Kindly guide how to achieve this?

 

Thanks

1 answer

0 votes
Mohanraj Thangamuthu
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 8, 2025

Hello, Good day. Noticed you have .com URL whether this is Jira cloud or Datacenter setup?. Thanks!

Atif Dastgir October 19, 2025

Hi, .com url is the url on my website where I will receive the webhooks. I'm using Jira Cloud (oAuth App)

Mohanraj Thangamuthu
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 19, 2025

Thanks. I would like to know if you have already tried the steps suggested in the following link?

https://support.atlassian.com/jira/kb/how-to-use-oauth20-in-postman-client-for-jira-cloud-apis/

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
TAGS
AUG Leaders

Atlassian Community Events