How to authenticate Sync gateway webhook url using OAuth

nagendrakumars · February 20, 2020, 5:59am

A microservice API which is secured with OAuth2 authentication should be called when a change detected. For eg:-

"event_handlers": {
  "document_changed": [
    {"handler": "webhook",
     "url": "https://someurl.com/type_A",
     "filter": `function(doc) {
          if (doc.type == "A") {
            return true;
          }
          return false;
        }`
     }
  ]
}

How to get the token?
How to cache the token?
How to modify the Authorization header and authenticate?

bbrks · February 20, 2020, 2:11pm

The webhook API in Sync Gateway does not support calling services that require OAuth2 authentication.

Typically, servers that receieve webhook events are stateless, and do one or more of the following to authenticate incoming webhook requests:

HTTP Basic Authentication
IP Whitelisting the source(s) of webhook requests
Mutual payload signing with a shared secret
Mutual TLS authentication

Sync Gateway supports HTTP Basic authentication for the webhooks, but does not do request signing or x.509/Mutual TLS authentication. You could implement IP Whitelisting on your side to further restrict.

You could write a microservice, that does the above basic authentication to recieve incoming webhooks, and then negotiates an OAuth2 session with another microservice.

Topic		Replies	Views
Tying auth/session to webhook callback Mobile java	7	861	July 7, 2020
Best Practice for Avoiding Browser 401 Auth popup Prompt? Sync Gateway	4	12166	February 16, 2017
Upsert Document which comes via Webhook to an API Sync Gateway	1	1329	November 3, 2016
Public API seems to accept only Basic Authorization header requests when CORS is used Sync Gateway connections	2	865	September 4, 2020
Authentication issue with WebSocket using SyncGateway Public REST API 2.8 Sync Gateway rest	1	1270	February 5, 2021

How to authenticate Sync gateway webhook url using OAuth

Related topics