How to Verify a Signature with Basic Auth in Hookdeck

In this tutorial, you will learn how to add Hookdeck’s Basic Auth “configure-your-own” source integrations to verify webhooks from your provider.

💡 By adding all your webhook providers’ different security requirements on Hookdeck, you are offloading the complexity of maintaining each provider’s security on your server and instead only have to sign Hookdeck’s SHA256.

Step 1. Create Configure-your-own Basic Auth source integration

1. Go to the Source Integrations page.
2. Select Basic Auth under Configure-your-own.
3. Enter your Basic Auth credentials under Configuration.
4. Define which Source the verification will be performed.
5. Click Confirm.

💡 The platform sending you webhooks may already be listed. Skip Configure-your-own and select your platform’s integration instead.

Let's head to the Connections page to validate the source integration.

Step 2: Test your verification

Let’s test the new Demo Basic Auth source integration by sending a payload with the correct authentication code and one with an invalid code using Postman.

Successful verification result

Head to the Request tab, where you should see the request successfully creating an event.

Failed verification result

When the Basic Auth verification fails, in the Request tab you should see the request failing with the error code Failed Verification along with a prompt to Edit integration.

Great, everything seems to be working!

What’s next?

Congratulations, you are now verifying incoming requests for authenticity with your Basic Auth source integration!