Introduction #
To prevent unknown sources being able to send requests to certain Cyclr Webhook Steps, you can secure them using Cyclr’s Account-level OAuth Client Credentials.
The Account-level OAuth Client Credentials function is incorporated into Cyclr’s MCP Servers feature, which may not be enabled on your Cyclr Console.
If you’d like to discuss adding it to your existing Cyclr subscription, please get in touch with your Cyclr representative.
Securing a Webhook Step #
To have Cyclr check inbound requests to a Webhook Step are correctly authenticated before accepting them, open your Cycle in the Builder then open the Webhook’s Step Setup popup and enable the Advanced Settings area’s Webhook Authentication “Require OAuth Token” option:
ℹ️ Your Cycle must be stopped to change this option.
ℹ️ The Webhook Authentication option is available for the Generic Webhook Connector’s “Webhook” and “Webhook (IP Filtered)” Methods, as well as the Event Triggers’ “Webhook” Step.