Clay Icon

Understanding Webhook URL Security and Authorization Options

ยท
ยท

I have a table that is getting email addresses from a webhook. is the webhook URL totally public? Like if anybody has the URL they can just spam it with random emails? Could I use the clay api instead and is there a way to have authorization headers which use an environment variable secret stored in our vercel app? Does clay have a similar auth mechanism?

  • Avatar of Channeled
    Channeled
    APP
    ยท
    ยท

    ๐Ÿ‘‹ Hey there! Our support team has got your message - we'll be back in touch within 24 hours (often sooner!). If you haven't already, please include the URL of your table in this thread so that we can help you as quickly as possible!

  • Avatar of Arturo O.
    Arturo O.
    ยท
    ยท

    Hey Adrian, thanks for the inquiry and raising this concern! Currently, we don't have external/traditional APIs to call Clay outside of the main UI. One of the reasons we don't have external APIs enabled is because we have several tools that already work under API systems and thus it would be a complex setup given the variety of actions you can implement within Clay, at least for the time being. About Webhook URLs, your data is completely protected, only workspace members (and Clay admins if you reach out for assistance) can view those links, unless you share it publicly. Let me know if you have additional questions!

  • Avatar of Channeled
    Channeled
    APP
    ยท
    ยท

    We haven't heard back from you in a bit, so we're going to go ahead and close things out here - feel free to let us know if you still need something!

  • Avatar of Channeled
    Channeled
    APP
    ยท
    ยท

    Hi Adrian B.! This thread was recently closed by our Support team. If you have a moment, please share your feedback: