Which product is your request related to?
Encoding - VOD
Description
Hello, now it’s possible to verify the caller authenticity of a webhook using your algorithm https://developer.bitmovin.com/encoding/reference/postnotificationswebhooksencodingencodingsfinished
In general, the webhook implementation looks pretty stupid since it should only accept the request and, usually, put the message in a queue for consequent processing. Unfortunately, to webhooks are required to be fast and reliable. This requirement and the missing business logic seem to fit in a serverless architecture in AWS: an API gateway accepts messages and puts them in an SQS queue. This solution requires no development from the user perspective since it requires only configuration.
Your custom authentication method doesn’t allow us to leverage this architecture because it requires the development of a specific endpoint.
If it were possible to set custom HTTP headers to put in the webhook callback, it would be possible to use the cloud-native authentication capabilities and simplify the overall architecture.
Best
Luca