# Custom Webhooks If you cannot find a guide for your specific tool, you can create a custom Apono outbound webhook. This guide shows you how to create and test a custom webhook. *** ### Prerequisites
ItemDescription
Target System API Credentials

Authentication information used when making requests to the target system

Apono supports the following authentication:

  • Bearer Token
  • OAuth
  • Custom (key-value pairs passed in the header)
Target System Webhook URLURL of the target system that will receive the webhook

Example: https://<SUBDOMAIN>.freshdesk.com/api/v2/tickets
*** ### Configure a webhook Follow these steps to configure a webhook: 1. On the [**Webhooks**](https://app.apono.io/webhooks) page, click **Add Webhook**. The **Add Webhook** page appears. 2. Click **Request Webhook**. 3. Enter a unique, alphanumeric, user-friendly **Request Webhook Name** for identifying this webhook. 4. Click the **Status** toggle to **Active**. 5. From the **Method** dropdown menu, select a REST method. 6. In the **URL** field, enter the URL of the target system that will receive the webhook. {% hint style="warning" %} The webhook URL **must adhere** to the following requirements: * Uses the HTTPS protocol * Does **not** specify any custom ports {% endhint %} 7. In the **Body Template** field, construct a JSON body for the webhook payload. {% hint style="success" %} Click **View event's payload schema** to reveal the payload schema and available data fields. You can also refer to the [Webhook Payload Schema Reference](https://docs.apono.io/docs/webhook-integrations/webhook-payload-references/webhook-payload-schema-reference) to read the descriptions of each data field. {% endhint %} 8. Enter the authentication information required by the target system. {% tabs %} {% tab title="Bearer Token" %} Follow this step to add Bearer Token authentication: 1. Under **Headers**, use the **Key** and **Value** fields to set the access token. | Key | Value | | --------------- | ---------------------- | | *Authorization* | *Bearer \* | | {% endtab %} | | {% tab title="OAuth" %} Follow these steps to add OAuth authentication: 1. From the **Authentication Type** dropdown menu, select **OAuth**. The OAuth settings appear. 2. Define the OAuth settings.
SettingDescription
Client IDUnique identifier assigned by the authorization server
Client SecretSecret key issued by the authorization server
Token Endpoint URLURL where the authorization code or refresh token is exchanged for an access token
Scopes(Optional) Set of permissions requested to access specific resources or APIs
{% endtab %} {% tab title="Custom" %} Follow these steps to add custom authentication: 1. Under **Headers**, use the **Key** and **Value** fields to set the credential information. 2. If your tool or service has several values, enter each key-value pair in a separate row. {% hint style="info" %} The following example uses [Datadog](https://docs.apono.io/docs/webhook-integrations/request-webhook/logs-and-siems/datadog) as an example. {% endhint %} | Key | Value | | -------------------- | ------------ | | *DD-API-KEY* | *\* | | *DD-APPLICATION-KEY* | *\* | | {% endtab %} | | | {% endtabs %} | | 9. From the **Triggers** dropdown menu, select one or more of the following event triggers, which correspond to Apono access request statuses: * **RequestCreated** * **RequestApproved** * **RequestExpired** * **RequestFailed** * **RequestGranted** * **RequestRejected** 10. Under **Filters**, define one or several filters from the listed dropdown menus. {% hint style="info" %} Filters empower admins to control the data transmitted via webhooks, minimizing the amount of data third-party tools receive and reducing unnecessary clutter. **Examples**: * Send only production requests to your admins' Slack channel. * Trigger Okta workflows for events from specific integrations or resource types. * Open a ticket in Jira or ServiceNow for manually approved requests. {% endhint %} 11. (Optional) In the **Timeout in seconds** field, enter the duration in seconds to wait before marking the request as failed. 12. (Optional) Define **Response Validators** to verify that the response from the webhook meets specified criteria: 1. Click **+ Add**. A row of settings appears. 2. Starting with *$.data.*, enter the **Json Path** of the JSON parameter. 3. In the **Expected Values** field, enter a value and press the Enter key on your keyboard. 4. Repeat step **c** to add several expected values. 5. Repeat steps **a-d** to add multiple response validators. 13. Click **Test** to generate a test event to trigger your webhook. A **Test successful** or **Test failed** response status will appear at the bottom of the page. A successful test will send mock data to the target system. {% hint style="success" %} For more information about the test, click **View Invocation Data**. A panel opens revealing the request, response, and other relevant details. Should your test fail, view these tips to [troubleshoot your webhook](https://docs.apono.io/docs/webhook-integrations/troubleshoot-a-webhook). {% endhint %} 14. Click **Save Webhook**. The new webhook appears in the **Webhooks** table. Active webhooks are preceded by a green dot. Inactive webhooks are preceded by a white dot. Apono access request logs will be sent to the target system based on the triggers you have selected.