Supported Authentication Methods

The One Record API supports multiple authentication methods for securing webhook requests, providing flexibility depending on your security needs. When setting up a webhook, you can choose from the following authentication methods:

No Authentication

Webhooks can be configured to send HTTP requests without requiring any authentication. This option is suitable for internal or non-sensitive integrations but may not be recommended for production use in public-facing systems.

Basic Authentication

Webhooks can use Basic Authentication, which requires a username and password to authenticate the incoming HTTP request. This is a simple but effective method to secure webhooks.

Example request header

Authorization: Basic base64encoded(username:password)

API Key Authentication

Webhooks can send requests with an API key included in the headers, providing an additional layer of security. The receiving endpoint must validate the API key before accepting the request.

Example request header

YourApiKeyHeader <your_api_key>

OAuth2 Authentication

Webhooks can be configured to use OAuth 2.0 for authentication, providing the most robust security model. The OAuth 2.0 token is included in the HTTP request headers and needs to be validated by the receiving service.

Example request header

Authorization: Bearer <access_token>

PreviousRestriction & Limitation NextPayload signature

Last updated 1 year ago

hashtagNo Authentication

hashtagBasic Authentication

hashtagExample request header

hashtagAPI Key Authentication

hashtagExample request header

hashtagOAuth2 Authentication

hashtagExample request header

No Authentication

Basic Authentication

Example request header

API Key Authentication

Example request header

OAuth2 Authentication

Example request header