Home OAuth + Webhooks Use Case
Reply: 0

OAuth + Webhooks Use Case

user1087
1#
user1087 Published in June 23, 2018, 11:41 pm

I set up an AWS API Gateway with a webhook and want to accept POST requests from only a Zapier trigger/web request. I've done research on OAuth and authentication (listed below), but I'm new to APIs/webhooks and could use help. Is OAuth appropriate, or would that be over-engineering? If OAuth is appropriate, can someone explain why?

Current Approach
I hard-coded a string key on Zapier (the client) which is checked on the API Gateway (handles the resources), to determine whether or not to accept the request. The only security concern I can see is if someone accessed our Zapier and/or AWS account, thus being able to read our key. In that case though, our security is already compromised. OAuth seems to be for applications which need to share sensitive data with each other - I just want to filter POST requests.

Research I've done a ton of reading about OAuth, for example:

  • Stack Overflow: What is OAuth
  • Stack Overflow: OAuth with REST
  • Stack Overflow: When to Use OAuth
You need to login account before you can post.

About| Privacy statement| Terms of Service| Advertising| Contact us| Help| Sitemap|
Processed in 0.308986 second(s) , Gzip On .

© 2016 Powered by mzan.com design MATCHINFO