Sentinel ip address blocking does not work. Can I use an auth header?

dylkil · July 26, 2023, 9:46am

Thanks for reaching out and sorry for the late response.

Unfortunately we do not have a built in mechanism for validating webhook requests and since our sentinels are in a serverless architecture the IP addresses are non static. There are 2 options you have for some type of auth, both with tradeoffs:

Instead of triggering a webhook you could trigger an autotask - this would allow you to send a request to your webhook URL from inside the autotask, you could add headers/signatures along with your request. If you need any more info on this let me know.
Adding a query param to the webhook URL - this is a smaller change and easier to verify, but its not as secure.

Topic		Replies	Views
WebHook Trigger on sentinal Defender	1	671	July 26, 2023
Auth for Webhook Sentinel Security etherscan-verify , sentinel	0	532	November 22, 2022
Autotask Static IP Addresses Defender autotasks	3	1003	April 5, 2022
Secure Sentinel notify webhook with shared secrets Defender sentinel	4	754	October 12, 2022
Defender Works Fine, But Not Getting Metamask Popup To Sign The Request Defender defender , autotasks	4	336	August 2, 2023

Sentinel ip address blocking does not work. Can I use an auth header?

Related topics