Product update: Improved Webhook integration security

Radim Hernych
May 01, 2020

We are constantly improving our integrations. This time we focused on security of our Webhook integration.

Webhooks deliver data to publicly accessible URLs. They are often secured just by obscuring the endpoint urls (where every user obtains a unique URL to send webhook data to). Anyone with the knowledge of the endpoint's url can send data to it.

We've added an optional extra security layer to our webhooks. You can now specify a "secret" token which will be used by Ybug to compute a signature of the payload sent to your webhook endpoint. Every webhook request then contains the X-Ybug-Signature header with this signature. This way, you can verify that the webhook request really originated from Ybug.

Webhook integration settings - add a secret
Add a secret value in your Webhook settings

Please read our documentation to learn more.


This website uses cookies to ensure you get the best experience on our website. Learn more   

   Got it!