What is valid input for webhook-secret?

openziti / ziti-webhook-action

Github Action to post a Webhook over a Ziti network

Apache License 2.0

3 stars 0 forks source link

What is valid input for webhook-secret? #7

Closed qrkourier closed 2 years ago

qrkourier commented 2 years ago

I see in Marketplace the ziti-id param is the JSON identity config, but how is a valid value for webhook-secret composed?

smilindave26 commented 2 years ago

ziti-webhook-action attempts to mimic GitHub webhooks ala https://docs.github.com/en/developers/webhooks-and-events/webhooks/securing-your-webhooks

qrkourier commented 2 years ago

Got it, thanks. Now I see this value is only used to add an authenticity and integrity signature as an HTTP header which the recipient may choose to use to verify the sender is in possession of the same secret string.