Configure Webhook without Api Key

Stripe doesn't allow developers to configure extra Header parameters. This makes impossible to receive calls from Stripe.

Is there a way to configure the Webhook trigger without the Api Key?

With no API key, how would you protect your endpoint from abuse?

I understand that. But this is how Stripe works, they don't have the ability to set custom headers.

They do provide a secure key that they pass from their side that can be used to secure the connection.

That's why the question.

1 Like

Hmmm, this is interesting. I just created a Stripe account the other day, as I was going to explore it's possibilities.

I am going to follow this thread and see what others suggest.

1 Like

Hey @fmartins! As far as I know, the only way to trigger a workflow via webhook without an API key is to make the endpoint public.

This isn't a big deal if you are able to verify the alternate security method in the first block, but keep in mind the fact that workflows are billed by total runs! :+1:

Thanks for the reply, yes this will solve the problem.

1 Like