All inbound webhook POST requests received by any unique webhook endpoint are authenticated before processing using a unique Authentication Key and Secret. If you're using Zapier to build a no-code integration, please refer to our article for Zapier Connector for Inbound Webhooks as the Authentication functions differently.
- Generate an Authentication Key and Secret
- Encode Authentication Key and Secret
- PHP Example for Base64 Encode
- Webhook Request Example
Generate an Authentication Key and Secret
The Key and Secret are unique for every Leadfwd account and only a single pair can be generated. This process should be handled by the Leadfwd Account Owner or an authorized Administrator. The key and secret pair should be treated just like a password and never shared! If you suspect a breach has ever occurred or the pair have been compromised, immediately revoke the key and secret.
- Navigate to Settings
- Authenticate when prompted, to view Settings
- Expand Integrations and select Webhooks or Available Apps (then select Webhooks)
- From the Authorization tab, click Generate Key + Secret
Upon selecting Generate Key + Secret, the Authentication key will be sent securely to the account owner's email address and the secret will be available in your Connector settings view.
Authentication Key and Secret
The authentication string for webhooks is a base64 encoded representation of the string by concatenating the two unique keys provided (Authentication ID and Secret Key) separated by :
PHP Example
$headerAuth = "Authorization: Basic " . base64_encode("$key:$secret");
Webhook Request
POST /v2/webhooks/$webhook_endpoint_string
HTTP/1.1
Authorization: Basic {$key}:{$secret}
Host: api.$leadfwd_domain
Accept: application/json
Content-Type: application/json
Comments
0 comments
Please sign in to leave a comment.