Solved

Implementing Bearer Token in a Webhook

  • 10 August 2023
  • 1 reply
  • 51 views

Badge

Hi CData Community,


    I am trying to add another layer of security for a webhook. I would like to do the following:
    1. Pass @authtoken query parameter for CData API auth
    2. Pass Authorization via headers
    
Unfortunately, I am getting an error Error: Authentication is required for access to this resource.
It seems like the webhook first checks the Authorization header for CData API auth before checking the query parameter @authtoken.
But I need the Authorization header for my additional security. Is this implementation possible?

Thanks!

icon

Best answer by Charlie S 10 August 2023, 18:50

View original

1 reply

Userlevel 3
Badge

Hi Nathaniel,

Unfortunately what you are trying to do here is not natively supported within the Webhook connector. The Authorization header is reserved in the Webhook connector specifically for use with the auth token that is created for each webhook user and it cannot be overridden.

However, I have been successful in using the response event of the webhook connector to implement a http signature requirement for webhook, shown here: https://community.cdata.com/cdata-arc-48/custom-signature-authentication-in-the-webhook-connector-281

While this isn’t quite what you were trying to do, this solution is pretty close and honestly might be a better choice if you are looking for an extra later of security.

Reply