Home / Companies / Ngrok / Blog / Post Details
Content Deep Dive

Verify webhooks with ngrok’s new Traffic Policy action

Blog post from Ngrok

Post Details
Company
Date Published
Author
Mandy Hubbard
Word Count
2,256
Company Posts That Month
6
Language
English
Hacker News Points
-
Post removed?
No
Summary

Ngrok has introduced a new Traffic Policy action called verify-webhook, designed to authenticate webhook requests sent to HTTP endpoints, ensuring they originate from the correct provider and are intended for the correct recipient. This action supports over 50 popular webhook providers and uses cryptographic verification logic tailored to each provider to validate requests. Users can securely store webhook verification keys in encrypted vaults, and the secrets.get() macro dynamically retrieves these secrets at runtime, enhancing security by keeping sensitive values out of policy YAML files. The verify-webhook action can be integrated into Traffic Policy rules to protect applications from unauthorized access, forged requests, and various attacks such as replay attacks. This action allows developers to integrate webhooks safely without writing custom verification code and supports a wide range of configurations, including conditional logic and combining with other Traffic Policy actions. The introduction of this action also offers features like inspecting, replaying, and evaluating logged webhook requests, providing a comprehensive solution for secure webhook management within the ngrok platform.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.