Skip to main content

Custom Webhook Action: Secure Credential Management

This guide explores the latest enhancements to the Custom Webhook action in Stack, focusing on improved security measures and streamlined credential management.

Table of Contents

Overview

The Custom Webhook action in Stack now supports masked secret keys for authentication methods such as Basic auth, Bearer token, and API key. This enhancement helps prevent accidental exposure of sensitive information and simplifies the management and storage of credentials.

Key Improvements

Masked Secret Keys

  • Secure Storage: All secret keys are securely stored and masked in the interface.
  • Supported Auth Methods: Choose from Basic auth, Bearer token, or API key.
  • Reduced Exposure: Keys are never displayed in plain text, minimizing the risk of leaks.

User-Friendly Credential Management

  • Key Management: Select from existing keys or create a new key using a convenient dropdown menu.
  • Location-Level Security: Keys are accessible only within the location where they were created.

Why These Updates Matter

Enhanced Security

  • Secret keys are masked to significantly reduce the chances of accidental leaks.
  • Keys are identified by name instead of their actual value, reducing risk.

Better Access Control

  • Sensitive credentials are editable only by users who created them and by admins at the location level.

Getting Started

Follow these steps to add and configure a new Custom Webhook action in your Automations builder:

  1. Add a Custom Webhook Action: In your Automations builder, select Custom Webhook as the action step.
  2. Select Authentication Type: Choose one of the following methods: Basic auth, Bearer token, or API key.
  3. Configure Credentials:
    • Choose Create New Key.
    • Enter a key name (for identification) and the key value (the actual credential).
    • Once saved, the key will be masked, so it won’t appear in plain text.
  4. Monitor & Manage: Use the dropdown menu to select or delete keys as needed.

Important Notes

  • Existing Keys: Once you update to a new key, the old key will be automatically removed.