I'm trying to post a webhook on Autodesk which callbackurl is an Appian web API. The problem I have, I can't expose any Appian service without authentication, and on the post method I don't see any option where I can write an API-key or something similar, only the callbackurl.
Is there any method where I can expose an Appian Web Api?
Discussion posts and replies are publicly visible
No, any API access to Appian must be authenticated. But, to be honest, I find it hard to believe that Autodesk does not support authentication for callbacks.
You could try to use basic authentication like in the curl examples:
https://docs.appian.com/suite/help/23.4/Web_API_Authentication.html#api-key-authentication
Hi Stefan, I thought the same, but actually an autodesk webhook configuration only expect a callbackurl (https://aps.autodesk.com/en/docs/webhooks/v1/reference/http/webhooks/systems-system-events-event-hooks-POST/).
Finally I will use an API manager which recieve the webhook call and comunicates with appian.
Thanks anyway for your reply
Only seems to support a "secret token" which is surprising like Stefan has mentioned.
I think you probably have the best solution with the APIM.
Hi Mathieu, at the begining I thought that was the way to authenticate it, but when I tried the post token method I retrieved an error because the api-key format wasn't accepted. At the end I think it's a hash to verify the origin of the call. I'm going to try the APIM, thank you for your reply.
Make sure to validate these signatures before forwarding the call to Appian.