Hi,
The illustrated scenario is the only one possible. Azure Automation is a public service and the webhooks do not have additional authentication. The only authentication is via the webhook URL, which contains the token that allows the authorization. You can use an Azure private endpoint in order to secure the webhook URLs so they are not public and thus secure them a little bit more. You can additionally code your runbooks in a way that they expect some parameter with a specific value to be passed in order to execute the actions in the runbook. Note that this is in no way an authentication mechanism, just additional protection in case the webhook is compromised.
Webhooks can be long term and how you treat them depends on your security requirements. If you can create some automation workflow that creates new webhooks at a specific interval and replaces them in the places where you use them, that will certainly increase their security. Remember to issue the webhooks for a period valid until your next workflow run, or delete the old ones once they are replaced.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
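
The runbook-side check described in the answer above, sketched as an added example that is not part of the original answer or of any Microsoft sample. The JSON field name `token` and the Automation variable name `WebhookSharedToken` are assumptions, and the values in the local branch are constructed samples.

```powershell
param(
    [Parameter(Mandatory = $false)]
    [object] $WebhookData
)

# Compare SHA-256 digests byte by byte so the comparison time does not
# depend on how many leading characters of the presented value are right.
function Test-SharedToken {
    param([string] $Presented, [string] $Expected)
    if ([string]::IsNullOrEmpty($Presented) -or [string]::IsNullOrEmpty($Expected)) { return $false }
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try {
        $a = $sha.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($Presented))
        $b = $sha.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($Expected))
    } finally { $sha.Dispose() }
    $diff = 0
    for ($i = 0; $i -lt $a.Length; $i++) { $diff = $diff -bor ($a[$i] -bxor $b[$i]) }
    return ($diff -eq 0)
}

if (Get-Command Get-AutomationVariable -ErrorAction SilentlyContinue) {
    # Inside Azure Automation: read the expected value from an encrypted variable.
    $expected = Get-AutomationVariable -Name 'WebhookSharedToken'   # assumed variable name
} else {
    # Local dry run only: constructed sample values, not real secrets.
    $expected    = 'constructed-sample-token'
    $WebhookData = [pscustomobject]@{
        WebhookName = 'sample-webhook'
        RequestBody = '{"token":"constructed-sample-token","action":"restart"}'
    }
}

# A null $WebhookData means the job was not started through a webhook.
if ($null -eq $WebhookData) { throw 'Runbook must be started through its webhook.' }

try { $body = $WebhookData.RequestBody | ConvertFrom-Json }
catch { throw 'Webhook request body is not valid JSON.' }

if (-not (Test-SharedToken -Presented ([string]$body.token) -Expected $expected)) {
    # Do not echo the presented value into the job log.
    throw "Rejected call on webhook '$($WebhookData.WebhookName)': missing or wrong token."
}

Write-Output "Token accepted on webhook '$($WebhookData.WebhookName)'; continuing with the runbook actions."
```

A rejected call ends the job as Failed before any runbook action runs, which also gives a job status to alert on if the webhook URL leaks.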