Authentication Types

Alloy supports Basic Authentication and OAuth2.0

Basic Authentication

Basic Authentication allows you to provide the username and password associated with your HTTP endpoint when setting up a webhook. When webhook data is sent, the Basic Auth fields are included in the header of the HTTP request.

To use basic authentication, select "Basic" from the dropdown under "Authentication type" when creating your webhook

OAuth2.0

Alloy supports two grant types for OAuth2.0 - Client Credentials and Password.

Client Credentials

The client credentials grant type is used when applications request an access token to access their own resources, not on behalf of a user.

This grant type has the following required parameters:

  1. Client ID
  2. Client Secret
  3. Token URL
  4. Access Token Encoding

and the following optional parameters:

  1. Scope
  2. Audience
  3. Include client credentials in the request body
To use Client Credentials, select "OAuth2.0" from the dropdown under "Authentication type" and "Client Credentials" from the grant type dropdown when creating your webhook

Password

You can use the Password flow to authorize a client via a connected app that already has the user's credentials. This is compatible with services like Salesforce.

This grant type has the following required parameters:

  1. Client ID
  2. Client Secret
  3. Token URL
  4. Username
  5. Password
  6. Access Token Encoding

and one optional parameter:

  1. Include client credentials in the request body
To use Password, select "OAuth2.0" from the dropdown under "Authentication type" and "Password" from the grant type dropdown when creating your webhook