How is the "Security" attribute used in a webhook
search cancel

How is the "Security" attribute used in a webhook

book

Article ID: 204708

calendar_today

Updated On:

Products

CA Agile Central SaaS (Rally)

Issue/Introduction

How is the "Security" attribute used in a webhook

Environment

Release : SAAS

Component : API FOR AGILE CENTRAL

Resolution

The Security attribute that you configure within the webhook is meant as a way to validate that the webhook came from the correct place.  It is basically a passphrase. So the idea is that when you create your webhook, you add a value into the Security field in the webhook as shown below:

This value then gets passed in the header with every webhook that is fired to your TargetUrl:

 

Now your target application can inspect that field in the header and validate that it came from a trusted source