How to verify username and password for webhook on the server?

I’ve configured my own webhook for after_message trigger along with the username and password for auth so i can verify on my own server. but once i recieve the event, where is my username and password? i can see that therer’s a authorization header only. how can i verify that to the auth i set on webhook in my cometchat app?

1 Like

Hi @mike_van,

The webhooks are protected by basic authorization.

The header value has a structure below:

basic <credentials>

credentials = base64_encode(username + “:” + password)

For example: If you have configured webhook with username as johndoe and password as pa55w0rd, then the header will look like:

Authorization: Basic YWRtaW46cGE1NXcwcmQ=

To verify the requests received to webhook URL you can use the standard authorization libraries available for your server-side language or verify it by string operations and base64_decode.

For more information please refer to:

Warm Regards,

Ketan Yekale
CometChat Pro

2 Likes