Authentication Methods

The Core Webhook Module supports 11 different authentication methods to secure your webhook endpoints. You can combine multiple authentication methods for enhanced security.

Available Authentication Methods

Bearer Token - Simple token-based authentication
Basic Authentication - HTTP Basic Auth
JWT Authentication - JSON Web Token validation
HMAC Signature - HMAC signature verification
IP Whitelisting - Restrict by IP address
Header-based Authentication - API keys in custom headers
Query Parameter Authentication - API keys in query parameters
HTTP Digest Authentication - HTTP Digest Auth
OAuth 1.0 - OAuth 1.0 signature validation
OAuth 2.0 - OAuth 2.0 token validation
Google reCAPTCHA - Bot protection with reCAPTCHA

Combining Authentication Methods

You can combine multiple authentication methods for enhanced security:

{
    "fully_secured": {
        "data_type": "json",
        "module": "rabbitmq",
        "authorization": "Bearer super_secret",
        "hmac": {
            "secret": "hmac_secret_key",
            "header": "X-HMAC-Signature",
            "algorithm": "sha256"
        },
        "ip_whitelist": [
            "203.0.113.0"
        ]
    }
}

All specified validators must pass for the webhook to be accepted.

Available Authentication Methods​

Combining Authentication Methods​

Available Authentication Methods

Combining Authentication Methods