Use API Authenticator in Outgoing Webhook

An API Authenticator is used in an Outgoing Webhook to securely authenticate requests sent from the system to a third-party service. The API Authenticator stores authentication credentials only (for example, API key, Basic Auth, or OAuth 2.0 parameters). It does not include the webhook URL or endpoint configuration. The Outgoing Webhook Manager is available at the domain level. In this manager, users can assign an API Authenticator to an outgoing webhook to secure API communication.

You can also create a new API authenticator for use with this Outgoing Webhook.

The API Authenticator Management link will direct you to the API Authenticator page. 

When testing the outgoing webhook, the configured API Authenticator is included as part of the test.

Enable API Authenticator in API Adapter

Whether an API adapter supports an API Authenticator is defined by NetBrain engineers in the adapter script during configuration. For adapters that support it, NetBrain engineers can enable API Authenticator for an API adapter by toggling “Support for API Authenticator”, and when it is enabled, make sure API authenticator is supported according to the script in API adapter.

Whether an API adapter supports the API Authentication in API server is configured by NetBrain enginners in “API Adapter” . However, users can change the settings when editing the external API Server. The user will either select an Authenticator or use the previous manual login method.

The following image shows that if the “Is Using Authenticator” option is enabled, the API authenticator can be selected for authentication.

Enable API Authenticator in Techspec

When a TechSpec is defined, other authentication methods in the API Server are hidden if the API Authenticator is enabled. This behavior is configured by NetBrain engineers in the JSON script. NetBrain engineers can enable API Authenticator for a Techspec by toggling “enable API Authenticator”, and when it is enabled, make sure API authenticator is supported according to the script of the Techspec.

If the API authenticator function is enabled in Techspec, the API authenticator can be selected for authentication in API server.

Note: When deleting an API Authenticator, the system checks whether it is being used by the API Server or the Outgoing Webhook. If it is in use, a confirmation dialog appears to warn that the API Authenticator is referenced by other functions and that deleting it will affect those functions.