Webhooks Security – Featuring HTTP Authentication

Webhooks provide a way to notify external apps, services, and urls when changes are made in your content stack. For instance, you can create a webhook that notifies a URL whenever a new entry is created in a particular content type or whenever an existing content type is modified. This allows for data synchronicity across applications.

While it was always possible to use webhooks in our content management system, Contentstack, we have made several major changes to make webhooks more secure and powerful. Here’s what’s new:

Basic HTTP Authentication

You can now add basic HTTP authentication to make your webhooks more secure. To do this, add a username and password before saving your webhook. This will ensure that the webhook data will be accessible only by the users who have the credentials.

Custom Headers

We have added the functionality to add custom headers to your webhook. This lets you pass any number of key-value pairs to the webhook URL when the webhook is triggered. This is especially helpful when the receiving URL needs additional data such as API key or access token of your application.

Manual Trigger

If the destination URL is not able to accept requests due to any reason, Contentstack will make multiple calls ( five attempts total) to the URL at regular intervals. After the fifth attempt, it will stop making calls. However, at any given time, you can access the activity and make the call manually.

Detailed Logs

Now you can view all the details of a webhook call by clicking the “Logs” link inside the webhook’s configurations area. You can sees the date and time when the webhook was triggered, the current status of the webhook call, and the “Call Details” – which shares the results of the request and response of the webhook.

Watch the video to learn more about our new features and how to use webhooks security in our CMS.