I try to implement some workflow where the start applicationX send a REST request to workato with POST parameters. This data will result in some actions in different other apps.
So, I can define a webhook. But how can I ensure that just my applicationX is allowed to send request? How can I do some kind of authentication on the webhook endpoint?
Or can you tell me other triggers which I can use?
Here's more information how Webhook trigger in Workato works: https://docs.workato.com/connectors/workato-webhooks.html
On the other hand, if you wanted to use your app and use a trigger and you want to set an authentication, you can build a custom connector using SDK: https://docs.workato.com/developing-connectors/custom-connector.html#connector-sdk
We have a similar use-case and I came across this support article.
Did this ever get concluded, and can someone from Workato please clarify, how the Workato WebHook Gateway is secure in the sense of only allowing Published WebHook events to be sent to it from the approved source which was originally subscribed too.
In other words how does Workato WebHook Gateway know that the incoming WebHook Published event from outside application, is indeed from the application that was subscribed too and not a bogus hacker attempting to hit the WebHook listening URL in Workato.
Send us a ticket, we will try our best to assist you with your problem