Hi Lingxian, The information referenced comes from: https://docs.openstack.org/aodh/latest/admin/telemetry-alarms.html Here it would be an alarm that would use the webhooks action. The endpoint in our use case would be Watcher for which we have just passed a spec: https://review.opendev.org/#/c/695646/ With these alarms that report using a webhook I am wondering how these received alarms can be authenticated and if the keystone token context is available? Hope this makes it clearer. Kind regards, Corne Lukken Watcher core-reviewer On 1/10/20 11:44 AM, Lingxian Kong wrote:
Hi Corne,
I didn't fully understand your question, could you please provide the doc mentioned and if possible, an example of aodh alarm you want to create would be better.
- Best regards, Lingxian Kong Catalyst Cloud
On Fri, Jan 10, 2020 at 10:30 PM info@dantalion.nl <info@dantalion.nl> wrote:
Hello,
I was wondering how a service receiving an aodh webhook could perform authentication?
The documentation describes the webhook as a simple post-request so I was wondering if a keystone token context is available when these requests are received?
If not, I was wondering if anyone had any recommendation on how to perform authentication upon received post-requests?
So far I have come up with limiting the functionality of these webhooks such as rate-limiting and administrators having to explicitly enable these webhooks before they work.
Hope anyone else could provide further valuable information.
Kind regards, Corne Lukken Watcher core-reviewer