Feature Request: Client Certificate authentification

[smox]

Hello,

First of all, thank you for your work.
I want to use your webhookd for machine to machine communication and therefore I thought it would be awesome if you can implement a client certificate authentification or something similiar.

I know that you've already implemented .htaccess authentification but client certificates (or similiar things like ssh key authentification) would be much easier to deploy in an automated manner.

[ncarlier]

Thanks for your interest.
You can perform strong client authentication using HTTP Signature.
However, it is "fairly new" and is not natively supported by common HTTP clients. For example, you need to install a plugin for HTTPie : https://pypi.org/project/httpie-signature/
You can also find some proxy to handle this:

• https://github.com/upvestco/httpsignature-proxy
• https://github.com/form3tech-oss/http-message-signing-proxy

[smox]

Thank you for your quick answer. It seems to be that this is exactly what I am searching for but I've never heard of that before.
Thank you and best regards to france 👍