New Feature: OAuth2 Authentication Support for Webhooks

Irina Doliov
Sep. 2, 2015 by Irina Doliov

Oauth2 and WebhooksThis month, we’ve introduced yet another new security feature to SparkPost: the ability to use OAuth2 in setting up webhooks. Specifically, in order to increase the security of our webhooks events data, we have added support for OAuth2 authentication in addition to the Basic Authentication. These are optional security measures that are used to ensure that webhook data delivered via an HTTP request originate from SparkPost.

What is Basic Auth? Basic Auth is a relatively simple mechanism that allows a user to provide a username and password that is passed in with the webhooks data in the http request. This is something anyone can — and should do. SparkPost has supported this mechanism for several months.

What is OAuth2? OAuth2 is an open standard for authorization. OAuth2 provides client applications a ‘secure delegated access’ to server resources on behalf of a resource owner by use of a temporary token. This Digital Ocean overview provides a relatively short and readable overview of how this works. For those who prefer to get into the weeds, here is the actual specification.

Why Oauth2? In a word, security. SparkPost, and our parent Message Systems take the security of our systems very seriously and we continue to add functionality to enhance security of the data entrusted to us. This includes using API keys, whitelisting the IPs of those API keys, 2-factor authentication to access Sparkpost accounts and other behind-the-scenes enhancements. Needless to say more security enhancements are coming.

~ Irina Doliov, Cloud Queen

Related Content

Community Spotlight: How Topol Makes Creating Beautiful HTML Email Templates Easy

Building HTML email templates is hard. Learn about the app that Jan Tlapak and Sendmark created for anybody in need of building beautiful HTML emails.

read more

Running Your First Technical Workshop: The "I Have No Idea What I'm Doing" Edition

Running a technical workshop is difficult! Where do you start? How much time do you allot? What audience do you aim for? Cole talks through what he learned.

read more

Introducing Our SendGrid Template Migration Tool

Automatically migrate any SendGrid template over to SparkPost. This open source tool supports both UI- and API-driven email template migration workflows.

read more

Start sending email in minutes!

The world’s most powerful email delivery solution is now yours in a developer-friendly, quick to set up cloud service. Open a SparkPost account today and send up to 100,000 emails per month for free.

Send 100K Emails/Month For Free

Send this to a friend