Forum Discussion

dwhansen-cbg's avatar
dwhansen-cbg
Contributor
6 years ago
Solved

Securing exposed API endpoint for triggered task

It is my understanding that when we create a Triggered Task for a pipeline there are only two ways of securing the API endpoint, 1) the bearer token and 2) basic authentication in the endpoint URL as...
triggered
  • christwr's avatar
    christwr
    6 years ago

    Like who? I assume folks who didn’t keep the bearer token private, or changed it to something bad…

    A few ways to add “extra” security to triggered tasks:

    • IP whitelisting (Access Control)
    • Front the triggered task with an API Gateway (that handles the auth switching)
    • Add some other checker logic to your triggered pipeline (JWT, etc.)
christwr's avatar
christwr
Contributor III
6 years ago

Like who? I assume folks who didn’t keep the bearer token private, or changed it to something bad…

A few ways to add “extra” security to triggered tasks:

  • IP whitelisting (Access Control)
  • Front the triggered task with an API Gateway (that handles the auth switching)
  • Add some other checker logic to your triggered pipeline (JWT, etc.)
dwhansen-cbg's avatar
dwhansen-cbg
Contributor
6 years ago

I won’t say who it happened to, but I know the company he works for has had an issue in the past and I would like to avoid it at my company.

@christwr thank you for your suggestions! These are all great suggestions and we will probably employ IP whitelisting and an API gateway to lock things down a little more. Thanks!