You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
For the Postmark provider it (annoyingly) authenticates the webhook using one of my app's users via HTTP basic auth. It's kinda silly to have to setup a special user in my app just to authenticate the webhooks. Then I would want to add logic to my login page's controller to exclude the possibility of logging in as that user on the main website for if those credentials where somehow leaked.
Describe the solution you'd like
In my opinion it makes much more sense to authenticate the webhook by IP address instead of the current method. And maybe add a config value to add additional IP's such as localhost or other special purpose IP's for testing.
Describe alternatives you've considered
I have extended receiver with my own Postmark provider to accomplish this for now.
Additional context
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
For the Postmark provider it (annoyingly) authenticates the webhook using one of my app's users via HTTP basic auth. It's kinda silly to have to setup a special user in my app just to authenticate the webhooks. Then I would want to add logic to my login page's controller to exclude the possibility of logging in as that user on the main website for if those credentials where somehow leaked.
Describe the solution you'd like
In my opinion it makes much more sense to authenticate the webhook by IP address instead of the current method. And maybe add a config value to add additional IP's such as localhost or other special purpose IP's for testing.
Describe alternatives you've considered
I have extended receiver with my own Postmark provider to accomplish this for now.
Additional context
The text was updated successfully, but these errors were encountered: