Uploaded image for project: 'Bitbucket Cloud'
  1. Bitbucket Cloud
  2. BCLOUD-23099

Ability to mask password when authenticated via webhook URL

    XMLWordPrintable

Details

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      Summary:
      If users have a requirement to step up webhook integration where the authentication should be set via URL, it can achieved by following method

      https://USERNAME:PASSWORD@<URL of destination server>

      The username and password sent through URL will be plain texts and we do not have a method to mask them. It will be good to have variable masking strategy here where users can pass $USERNAME and $PASSWORD as variables and mask them so that they are secure.

      Workaround:
      To use webhook secrets as an alternative
      Reference: https://bitbucket.org/blog/enhanced-webhook-security

      Attachments

        Activity

          People

            Unassigned Unassigned
            f6d4dc412ba0 Lavanya K
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: