[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[aodh][keystone] handling of webhook / alarm authentication

Hi Lingxian,

The information referenced comes from:

Here it would be an alarm that would use the webhooks action. The
endpoint in our use case would be Watcher for which we have just passed
a spec:

With these alarms that report using a webhook I am wondering how these
received alarms can be authenticated and if the keystone token context
is available?

Hope this makes it clearer.

Kind regards,
Corne Lukken
Watcher core-reviewer

On 1/10/20 11:44 AM, Lingxian Kong wrote:
> Hi Corne,
> I didn't fully understand your question, could you please provide the doc
> mentioned and if possible, an example of aodh alarm you want to create
> would be better.
> -
> Best regards,
> Lingxian Kong
> Catalyst Cloud
> On Fri, Jan 10, 2020 at 10:30 PM info at <info at>
> wrote:
>> Hello,
>> I was wondering how a service receiving an aodh webhook could perform
>> authentication?
>> The documentation describes the webhook as a simple post-request so I
>> was wondering if a keystone token context is available when these
>> requests are received?
>> If not, I was wondering if anyone had any recommendation on how to
>> perform authentication upon received post-requests?
>> So far I have come up with limiting the functionality of these webhooks
>> such as rate-limiting and administrators having to explicitly enable
>> these webhooks before they work.
>> Hope anyone else could provide further valuable information.
>> Kind regards,
>> Corne Lukken
>> Watcher core-reviewer