We’ve introduced key improvements to the Custom Webhook action, focusing on enhanced security for sensitive information. These updates aim to protect secret keys from being exposed in plain text and provide more streamlined credential management.
What’s New
Masked Secret Keys
Sensitive credentials (e.g., secret keys) are now stored securely and masked in the interface, preventing accidental exposure. This applies to Basic auth, Bearer token, and API key authentication methods.
User-Friendly Management
When updating or deleting existing keys, the interface guides you through the process without ever displaying the raw values, helping you avoid accidental leaks.
Why It Matters
Enhanced Security
- Reduces the risk of revealing sensitive information for data protection. Going forward, these keys would not be visible to the users in plain text format. These would be visible by the key name.
- These keys cannot be edited or deleted by users in a location. Only agency admins and users that have created these keys will have these permissions.
How to Get Started
Add a Custom Webhook Action
In your Automations builder, select Custom Webhook.
Select Authentication Type
- Choose Basic auth, Bearer token, or API key.
Configure Credentials
- Enter your secret key in the new masked field.
Monitor & Manage
- Use the dropdown menu to add or delete keys as needed.
Note
- Existing Keys:Any existing key will be deleted once a new key is updated.
- Deletion Permissions:Only agency admins or the user who originally created a key can delete it.
