Webhook Policy

To verify that a request Webhook originates from the RR Tech Service Management system space in which it is registered, the Webhook payload can be cryptographically signed. This can be accomplished by establishing a connection between one or more Webhooks using a Webhook policy. The Webhook policy defines the cryptographic signature algorithm used for Webhook messages within the RR Tech Service Management system. Within the Webhook policy, the algorithm used for signing Webhook messages is selected.

If a Webhook is associated with a Webhook policy, the payload of its messages represents a JSON Web Token (JWT). The public key of the Webhook policy is used to decode and verify the payload. The private key of the Webhook policy is known only by the RR Tech Service Management system.

Only a person with the administrator directory role or account administrator role can manage Webhooks within this space.

The fields of webhook policy page presents recommendations for using each Webhook policy field.