Securing Webhooks
Last updated
Was this helpful?
Last updated
Was this helpful?
If you are not using the Datacake TTN option to connect your device to the Datacake Cloud, you should secure the device by requiring an access token in the webhook.
If you do not enable the authentication, in theory, someone else could craft a spoofed payload and transmit it to the Datacake webhook endpoints including the DevEUI of your device, which would result in this data to be stored on your device.
To prevent this, enable the "Webhook requires authentication" option either when creating the device or later in its configuration.
We call the authentication of the Webhook optional, because it is not necessarily required. However, once it is set up correctly, it is nothing more than a mouse click and we recommend using it especially for larger fleets.
When you create a new LoRaWAN Device using one of our provided templates you have the option to set the Securing of the Webhook during the Steps in the Configuration-Wizard.
When you already have devices that you want to secure using the optional Webhook Authentication method you can do this by going through the following steps and activate the authentication.
When the option is enabled, all requests to the Webhook need to have the Authorization
-Header set to Token YOURTOKENHERE
. To learn how to generate access tokens, please go to:
To enable securing of Webhooks you need to provide an additional authorization header in your LoRaWAN Application. We are now providing some examples for those LoRaWAN Networks that Datacake has Integrations for.
UPDATE: We have put together detailed guides on how to set up Webhook Authentication for each LNS. You find this here:
In the following Screenshot you see how setting the Authentication Token looks like on the TTN LoRaWAN Network Server. In your Integration - where you set up the Webhook forwarder - you need to provide an extra Authentication-Header. This looks something like the following (Please not that the Token used in the Screenshot is just a fake one - you need to replace it by your real one).