Webhook authentication setup

Tabata Vossen -

Webhook 2.0 authentication ensures that the data delivered originates from Qualifio.

Webhooks require that your notification URL is accessible to Qualifio’s systems. However, we realise that you might not want this URL publicly accessible, for security reasons.

This is why you can choose to authenticate the notifications using the webhook header, in which case you should enter the name (key) and value.

Screenshot_2021-01-19_at_16.07.38.png

These credentials will be sent together with the webhook notification, allowing you to verify that incoming requests originate from Qualifio.

Once you’ve decided to add authentication to your webhook, you can follow one of our configuration examples:

Note: Each header line must specify the header name, followed by a colon (:), followed by the header value. The header name and the header value can be specified in Qualifio. Those will be automatically joined by a colon. The colon is always present – you don't need to write it down.

Bearer authentication

Authorization: Bearer <token>

Schermafbeelding_2021-09-07_om_13.53.08.png

Basic authentication

Authorization: Basic <token>

Schermafbeelding_2021-09-07_om_13.54.06.png

Other examples

  • X-Authorization: ...
X-Authorization: <token>

Screenshot_2021-02-26_at_10.57.47.png

  • X-Api-Token: ...
X-Api-Token: <token>

Screenshot_2021-02-26_at_10.58.56.png

  • X-Auth-Token: ...
X-Auth-Token: <token>

Screenshot_2021-02-26_at_10.59.45.png

Use something we don’t have on this list? Let us know, and we’ll try and point you in the right direction.