Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Add a Webhook in the Juniper Mist Portal

  1. In the Juniper Mist™ portal, navigate to the organization or site settings:

    • For organization-level webhooks, select Organization > Settings.

    • For site-level webhooks, select Organization > Site Configuration, and then select the site.

  2. Scroll down to the Webhooks section, and click Add Webhook.
    Location of the Add Webhooks button
  3. Enter the information:

    • Name—Enter a name to identify this webhook.

    • Webhook Type—Unless you are sending webhooks to a Splunk installation, select HTTP Post.

    • URL—Enter the URL of destination you want Mist to send the webhooks to.

    • Topics—Select the topics you want to receive webhooks for. You must select at least one.

  4. (Optional) Click Advanced Settings for additional options.

    • Verify Certificate—This option is enabled by default. If you do not want Mist to verify that the certificate of the webhook receiver is valid, click No. Although this method is not secure, it does provide some flexibility if your webhook receiver does not have a valid signed certificate. We do not recommend this method, for security reasons.

    • Secret (HTTP-POST only)—Using a secret allows you to specify a secret (like a password) used to calculate a pair of HTTP headers. A secret enables you to verify that the message is coming from Juniper Mist and has not been modified.

    • Custom Headers—The Custom Headers configuration enables you to specify any custom headers needed for your webhook receiver. Some receivers (or their proxies) require a token-based authentication method, user-based authentication, or a method to present custom headers to indicate the type of data being sent. 

    Note:

    Keep these cautions in mind when considering whether to use a secret or custom headers:

    • When a secret is provided, two HTTP headers will be added:
      • X-Mist-Signature: HMAC_SHA1 (secret, body)
      • X-Mist-Signature-v2: HMAC_SHA256 (secret, body)
    • If the headers format is invalid, “X-Mist-Error”: “headers format invalid” will be sent.
    • If the total bytes of the headers exceed 1000, “X-Mist-Error”: “headers too big” will be sent.
    • If any header value is not a string, “X-Mist-Error”: “header[%s] not a string” will be sent.
  5. Click Add.