github.com/argoproj/argo-events@v1.9.1/docs/eventsources/webhook-authentication.md

github.com/argoproj/argo-events@v1.9.1/docs/eventsources/webhook-authentication.md (about)

     1  # Webhook Authentication
     2  
     3  ![GA](../assets/ga.svg)
     4  
     5  > v1.0 and after
     6  
     7  For `webhook` event source, if you want to get your endpoint protected from
     8  unauthorized accessing, you can specify `authSecret` to the spec, which is a K8s
     9  secret key selector.
    10  
    11  This simple authentication approach also works for `webhook` extended event
    12  sources, if that event source does not have a built in authenticator.
    13  
    14  Firstly, create a k8s secret containing your token.
    15  
    16  ```sh
    17  echo -n 'af3qqs321f2ddwf1e2e67dfda3fs' > ./token.txt
    18  
    19  kubectl create secret generic my-webhook-token --from-file=my-token=./token.txt
    20  ```
    21  
    22  Then add `authSecret` to your `webhook` EventSource.
    23  
    24  ```yaml
    25  apiVersion: argoproj.io/v1alpha1
    26  kind: EventSource
    27  metadata:
    28    name: webhook
    29  spec:
    30    webhook:
    31      example:
    32        port: "12000"
    33        endpoint: /example
    34        method: POST
    35        authSecret:
    36          name: my-webhook-token
    37          key: my-token
    38  ```
    39  
    40  Now you can authenticate your webhook endpoint with the configured token.
    41  
    42  ```sh
    43  TOKEN="Bearer af3qqs321f2ddwf1e2e67dfda3fs"
    44  
    45  curl -X POST -H "Authorization: $TOKEN" -d "{your data}" http://xxxxx:12000/example
    46  ```