Skip to content

Securing WebSocket Communication Using Secret Key Validation #257

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
Bhanuprakashu opened this issue Jun 4, 2025 · 1 comment
Closed
Assignees

Comments

@Bhanuprakashu
Copy link

Hi Team,
I need your assistance regarding the security setup for WebSockets in our application.
We would like to implement a mechanism similar to Webex webhook secret validation, where a secret key is used to verify the authenticity of incoming requests. Specifically, our goal is:
When a request comes through the WebSocket connection, it should carry a predefined secret key.
On the backend, we want to validate that the request contains the correct secret.
If the secret is valid, the request should proceed to the backend APIs.
Otherwise, the request should be rejected.
We are interested in knowing whether there are recommended mechanisms or best practices to achieve this kind of secret validation for WebSocket connections—similar to how secrets are used in webhook creation and validation.
Looking forward to your guidance on this.
Best regards,
bhanu

@ashjorda
Copy link
Collaborator

ashjorda commented Jun 4, 2025

Spoke to @Bhanuprakashu via Webex. And answered all related questions.

@ashjorda ashjorda closed this as not planned Won't fix, can't repro, duplicate, stale Jun 4, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants