Product Updates

Product update: Improved Webhook integration security

Radim H.
Radim Hernych
May 01, 2020

We are constantly improving our integrations. This time we focused on security of our Webhook integration.

Webhooks deliver data to publicly accessible URLs. They are often secured just by obscuring the endpoint urls (where every user obtains a unique URL to send webhook data to). Anyone with the knowledge of the endpoint's url can send data to it.

We've added an optional extra security layer to our webhooks. You can now specify a "secret" token which will be used by Ybug to compute a signature of the payload sent to your webhook endpoint. Every webhook request then contains the X-Ybug-Signature header with this signature. This way, you can verify that the webhook request really originated from Ybug.

Webhook integration settings - add a secret
Add a secret value in your Webhook settings

Please read our documentation to learn more.

Ready to simplify
how your team works?

Join agencies, startups, and developers using Ybug to collect clear, actionable reports – with full context, fewer delays, and no disruption to your workflow.

Start free trial