Verify webhook origin as Monday.com

Today is my first day of writing code for your hook system.
I’m here and it’s bad that you didn’t decide to be able to identify, check the data sending service
This is your reputation hole
The worst thing is that you know and do nothing
Sorry for my English

1 Like
POST https://api.monday.com/v2
Authorization: token
Content-Type: application/json

{
  "query": "mutation { create_webhook (board_id: boardId, url: \"urlHook\", event: change_column_value, secret: hookSecret) { id board_id }}"
}

Add fields secret: hookSecret
Please return me field signature (you object) using my hookSecret (jwt example, and …)
You will close this hole with this
Thanks,
Fedor

Hello @VlasenkoFedor!

When you talk about a “hook system”. Are you referring to our webhooks?

I am not sure I understand what you need in this case.

. Are you referring to our webhooks?
Yes
I added the example code

{
  "query": "mutation { create_webhook (board_id: boardId, url: \"urlHook\", event: change_column_value, secret: hookSecret) { id board_id }}"
}

Hello @VlasenkoFedor!

I do not understand what you need from the webhooks exactly.

What would a “hookSecret” be? A token to check the validity of the request?

If so, we do not have that as of today but I can add your vote to it.

Cheers,
Matias

“If so, we do not have that as of today but I can add your vote to it.”
That’s what we want

Since we see here the problem of identifying the response of the server

Thanks,
Fedor

how to create a webhook via playground and answer the challenge I use botconversa and I don’t know how to answer the challenge

Hi @EMANUELMARLON,

You can use the create_webhook mutation to create a webhook in the Playground. Please see this example in Postman for how to create the request in your app, which you’ll need when the webhook is triggered in order to respond to the challenge.

When the webhook is called, we’ll send a request to your app with the challenge. To verify a webhook, your app should respond back with the same challenge.