Notify results
Webhook

4min
﻿
Webhook notifiers allow for integrations which subscribe to found secret notifications. 
When a new secret is found, an HTTP POST payload will be sent to the webhook’s configured URL. Webhooks can be secured by using a token to generate and verify a signature of the payload.
Scanner Configuration
YAML
notifiers:
- connection:
    '@type': type.googleapis.com/notifiers.Webhook
    token: secret_token
    url: https://example.trufflesec.com:8081/webhook
  name: slack secrets notifications
  # sourcesToNotify can also be set to ALL to receive
  # all notifications
  sourcesToNotify: SOURCES_IN_THIS_CONFIG
  type: NOTIFIER_TYPE_WEBHOOK
notifiers:
- connection:
    '@type': type.googleapis.com/notifiers.Webhook
    token: secret_token
    url: https://example.trufflesec.com:8081/webhook
  name: slack secrets notifications
  # sourcesToNotify can also be set to ALL to receive
  # all notifications
  sourcesToNotify: SOURCES_IN_THIS_CONFIG
  type: NOTIFIER_TYPE_WEBHOOK
﻿
Tokens
The signature is sent using in the X-Hub-Signature header. To verify the signature matches the payload, generate a SHA256 hash of the payload body prefixed with the token string.
X-HUB-SIGNATURE:5f246d1f78c832eee4d9b453742476a743a1c7fe73454b6b432b26868525423f
> BODY='{"source_type":"SourceType_SOURCE_TYPE_GIT",...}' 
> TOKEN="mySecretToken"
> echo -n "${TOKEN}${BODY}" | sha256sum5f246d1f78c832eee4d9b453742476a743a1c7fe73454b6b432b26868525423f
Payload body by source
Filesystem
Microsoft Teams
GitHub
JIRA
BitBucket
Confluence
GitLab
Slack
{
	"SourceType": "SOURCE_TYPE_SLACK",
	"Metadata": {
		"Data": {
			"Slack": {
				"channelID": "channel-1",
				"channelName": "some channel",
				"timestamp": "2020-05-01T00:00:00Z",
				"userId": "user-1",
				"link": "https://slack.com/app_redirect?channel=channel-1",
				"file": "file-1",
				"email": "[email protected]"
			}
		}
	},
	"SecretType": "Github",
	"Secret": "SOMESECRET42",
	"Verified": true
}
{
	"SourceType": "SOURCE_TYPE_SLACK",
	"Metadata": {
		"Data": {
			"Slack": {
				"channelID": "channel-1",
				"channelName": "some channel",
				"timestamp": "2020-05-01T00:00:00Z",
				"userId": "user-1",
				"link": "https://slack.com/app_redirect?channel=channel-1",
				"file": "file-1",
				"email": "test@slack.com"
			}
		}
	},
	"SecretType": "Github",
	"Secret": "SOMESECRET42",
	"Verified": true
}
﻿
﻿
﻿
Updated 09 Sep 2024
Did this page help you?
Stdout
Reverify secrets