How to authenticate webhooks?

The webhook documentation and API documentation do not mention how to authenticate a webhook sent to the configured URL. Is there a supported way to do this?

Typically I'd expect a signature to verify or a header with an API key but I don't see either in the requests.

I could hard code an API key into a query param on the configured URL but that seems less than ideal.

Any help would be much appreciated.

1 answer

1 vote

Hi, @ben_walford! Welcome to the community!

If I understood your question correctly, you would like to authenticate the webhook destination servers, is that correct? If that’s the case, unfortunately, we currently don't have a way to do this as this feature is not available yet. We do have a feature request for this as you can see in the link below:

BCLOUD-14683 - Add webhook secret

I've linked your question to this feature request. Please consider adding yourself as a watcher, so you get updated as we make progress with this. If you are not familiar with our Feature Request Policy, you can learn more about it here:

Implementation of New Features Policy

So, as a workaround, you can pass the credential using HTTPS by using:

https://<username>:<Password>@<URL>

Please, feel free to share any additional questions regarding this subject.

Kind regards,
Caroline

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Forums

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

How to authenticate webhooks?

1 answer

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events