As of now, webhooks created by JAWA do not appear to use authentication when communicating to the JAWA server. This appears to be a security risk, as those with the right URL can anonymously have the JAWA server perform the actions defined by that web hook.
I would like to request randomized credentials be set up as part of each webhook, so that both username and password are randomly generated for each webhook. That way, one compromised webhook would not compromise all.
As of now, webhooks created by JAWA do not appear to use authentication when communicating to the JAWA server. This appears to be a security risk, as those with the right URL can anonymously have the JAWA server perform the actions defined by that web hook.
I would like to request randomized credentials be set up as part of each webhook, so that both username and password are randomly generated for each webhook. That way, one compromised webhook would not compromise all.