Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Webhook Auth: Add authentication rules to webhooks #245

Closed
amberrignell opened this issue Aug 10, 2022 · 2 comments
Closed

Webhook Auth: Add authentication rules to webhooks #245

amberrignell opened this issue Aug 10, 2022 · 2 comments
Assignees
@midigofrank @elias-ba
Labels
epic

Comments

@amberrignell
Copy link
Contributor

amberrignell commented Aug 10, 2022
edited by NickOpenFn

Figma: https://www.figma.com/file/2Uvr2jOaQh6rQNR1cHlLKM/App?type=design&node-id=262-4097&mode=design

Overview:

As a user, I want to be able to add either Basic or API Key based authentication to my Webhooks to have a layer of security.

  • When creating or editing a Webhook trigger, I should be able to add a "Authentication" Credential.
  • Within OpenFn, we should allow the user to select to setup Basic HTTP Authentication or API Key Authentication
  • The user can opt to have no form of authentication

As a user, I may need to rotate keys, therefore:

  • I may want to have multiple authentications that can exist for a single Webhook
  • These multiple authentications can be of different types (Basic or API key)

Issues created for the implementation all linked to this Epic
@amberrignell amberrignell added the needs detail More detail is needed before development can start label Aug 12, 2022
@amberrignell amberrignell self-assigned this Aug 23, 2022
@taylordowns2000 taylordowns2000 added this to the Security Parity milestone Apr 1, 2023
@taylordowns2000 taylordowns2000 removed the needs detail More detail is needed before development can start label Apr 28, 2023
@NickOpenFn
Copy link

Not ready: Requires UI

@taylordowns2000 taylordowns2000 assigned elias-ba and unassigned elias-ba Aug 31, 2023
@NickOpenFn NickOpenFn self-assigned this Sep 13, 2023
@NickOpenFn NickOpenFn added the needs detail More detail is needed before development can start label Sep 13, 2023
@NickOpenFn NickOpenFn changed the title Add authentication rules to webhooks Webhook Auth: Add authentication rules to webhooks Sep 27, 2023
@NickOpenFn NickOpenFn removed the needs detail More detail is needed before development can start label Sep 28, 2023
@NickOpenFn NickOpenFn assigned elias-ba and midigofrank and unassigned NickOpenFn Sep 28, 2023
@NickOpenFn NickOpenFn removed this from the Security Parity milestone Sep 28, 2023
@taylordowns2000
Copy link
Member

@elias-ba , @midigofrank , @NickOpenFn - noting this here so I don't forget.... the create/update/delete actions on webhook_auth_methods themselves and the add/remove actions (create/delete on trigger_webhook_auth_methods- the many-to-many table) need audit trail actions that are very similar to those defined for credentials. Nick and I will sync up on this tomorrow to get you the full list!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@midigofrank midigofrank

@elias-ba elias-ba

Labels
epic
Projects
No open projects
Lightning Sprints
Status: Done
Milestone
No milestone
Development

No branches or pull requests
5 participants
@taylordowns2000 @amberrignell @midigofrank @elias-ba @NickOpenFn