At TeamworkIQ, we’d like to implement a security mechanism for the Webhook requests to be authenticated.
- Receive a secret as a response for the Subscribe operation that needs to be stored in the Zap context.
- Validate a header sent on each webhook request before triggering the zap
Is it possible to store a property received on the subscribe request in the bundle object for the zap? Or any other place?
CleanedRequest documentation mentions we could access the headers property, but trying to test this, I’ve only been able to get the body payload and a querystring property. Is it possible to have this validation on every webhook request received and accessing their header before proceeding to run the zap?
Best answer by khakmanView original
Found a useful post
Check out the subscribeData object. This provides a context for data returned from the subscribe request so that you can reference it in the perform and unsubscribe. https://zapier.github.io/zapier-platform/#bundlesubscribedata