Create a Webhook for Event-based Notifications
-
Go to Extensions > Webhooks.
-
Select Create Webhook. Fill in the necessary data:
Field Description URL Address to send the notification to (for example, the logging endpoint URL) Subscribed events Select events which trigger the notification from the list. Keep in mind that events are specific to the workspace type. -
Select Create to confirm. Copy the API key when notified - this API key is always sent with the outbound Cloudentity request so that you can use it to protect the target server.
Your webhook is created. Event-based notifications should now be triggered in this workspace. If you want to disable certificate validation when sending requests from Cloudentity, activate the Developer mode.
Hardening
Each webhook invocation contains an HTTP header X-API-Key
with a unique value of Webhook API Key
(presented in the last step of the previous section). Your logging solution should check this key,
so that only those requests with the correct value are accepted.
The following snippet represents such check as minimal nginx server:
server {
listen 80;
server_name <public url of the logging solution>;
location / {
if ($http_x_api_key != '<webhook api key>') {
return 403;
}
proxy_pass http://<backend url of the loggin solution>;
}
}