Webhook Authentication Guide for Make.com Users

Webhooks are a useful tool for real-time data delivery, but they can also pose a security risk if not properly authenticated. In this article, we'll walk you through how to authenticate incoming webhooks on Make.com, using four different authentication strategies: HMAC, appending an API key to the header, Basic Auth, and Bearer Token.

Setting Up Authentication

The first step in setting up authentication for your webhooks is to enable “Get Request Headers” in the webhook settings. This allows Make.com to receive the authentication data from the incoming webhook.

Next, you'll need to set up a filter to check the validity of the authentication data. This can be done by checking if the payload contains a property matching a secret string or if a custom header name contains a value. If you're on an Enterprise plan, you can replace the value “password” with a Custom Variable stored in your team. This way, you don't have to update each filter for all your webhook scenarios when you only want to rotate the token value.

Troubleshooting Tips

If your authentication fails, you can use the Webhook Response module to send a 401 error with a suitable body text. This will let you know that the authentication was unsuccessful.

Also, remember that the speed of your webhook response may be important. If this is the case, consider using a Make Data Store to hold valid keys, messages, or tokens. The only downside is that editing large amounts of data in a Data Store isn't easy, so if you expect to have a lot of data, you might need an additional scenario that manages it through a forms front-end.

Conclusion

Authenticating your webhooks is an important step in ensuring the security of your data. By following these steps, you can set up authentication for your incoming webhooks on Make.com using HMAC, appending an API key to the header, Basic Auth, or Bearer Token. Remember to check the validity of your authentication data and use the Webhook Response module if authentication fails. Happy Making!

You do have further questions?

Ask your question via E-Mail: Richard@make-app.de
Book a paid Support & Consulting Session
New Make.com user? Sign up through this Affiliate Link to receive 10.000 operations for FREE.