Webhook authentication types
This topic describes the types of authentication available for webhooks.
To include authentication when sending a webhook request, create an authorization item and assign it to the webhook.
Sitecore supports the following authentication types:
| Type of authentication | Required fields |
|---|---|
| Basic | UsernamePassword |
| Digest | UsernamePassword |
| API key | KeyValueAdd to |
| OAuth2.0 Client Credentials Grant | Authority URLClient IDClient SecretScopeHeader Prefix. The default value is BearerAdditional endpoint base addresses |
| OAuth2.0 Password Credentials Grant | Authority URLClient IDClient SecretScopeHeader Prefix. The default value is BearerUsernamePasswordAdditional endpoint base addresses |
Note
You can pass optional fields to use the OAuth2.0 client credentials grant and OAuth2.0 password credentials grant authentication types.
Note
Some identity providers require specifying an address in the Additional Endpoint Base Addresses field. For Microsoft Azure and Azure B2C providers, set this value to https://login.microsoftonline.com/<tenant id>;https://graph.microsoft.com/oidc/userinfo.
If you have suggestions for improving this article, let us know!