All Guides

How to Verify a Signature with Basic Auth in Hookdeck


In this tutorial, you will learn how to add Hookdeck’s Basic Auth “configure-your-own” source integrations to verify webhooks from your provider.

💡 By adding all your webhook providers’ different security requirements on Hookdeck, you are offloading the complexity of maintaining each provider’s security on your server and instead only have to sign Hookdeck’s SHA256.

Step 1. Create Configure-your-own Basic Auth source integration

Create Basic Auth

  1. Go to the Source Integrations page.
  2. Select Basic Auth under Configure-your-own.
  3. Enter your Basic Auth credentials under Configuration.
  4. Define which Source the verification will be performed.
  5. Click Confirm.

Create Demo Basic Auth

💡 The platform sending you webhooks may already be listed. Skip Configure-your-own and select your platform’s integration instead.

Let's head to the Connections page to validate the source integration.

Source validated

Step 2: Test your verification

Let’s test the new Demo Basic Auth source integration by sending a payload with the correct authentication code and one with an invalid code using Postman.

Basic Auth webhook

Successful verification result

Head to the Request tab, where you should see the request successfully creating an event.

Succesful basic auth

Failed verification result

When the Basic Auth verification fails, in the Request tab you should see the request failing with the error code Failed Verification along with a prompt to Edit integration.

Failed Request

Great, everything seems to be working!

What’s next?

Congratulations, you are now verifying incoming requests for authenticity with your Basic Auth source integration!