With over 32 million successful deployments, one of our most requested features in the past few months has been private Services and API access keys.
It's now very easy to restrict public access to hook.io services.
To quickly get started, new security settings are now available when creating or editing hooks.
For more information on how this works, keep on reading.
hook.io provides a very simple mechanism for creating API Access keys which are mapped to a custom list of roles. These roles represent hook.io system events, which are subject to role based permission checks.
Role checks for API access are performed by sending a valid
hook_private_key HTTP parameter in client request targeting hook.io
hook_private_key can be provided by any of the following formats: query string, json, form, multipart-form, or http header value.
Key Based API Access
Multiple API Access Keys can be created with custom roles, allowing granular role based permission access for any number of users or third-party services accessing hook.io
Third-Party Developer Support
In addition to implementing API Access Keys, all service endpoints on hook.io are now exposed as HTTP API endpoints with role based permission checks.
The best way to see this in action is to visit the new Datastore HTTP API Endpoint.
Streaming System Events
All events and role checks on hook.io are now logged at the /events endpoint.
The System Events API endpoint provides a high level of visibility into when your services on hook.io are being accessed, and which client is accessing them.
The events API endpoint is widely accessible and is capable of providing streaming responses.
Business Grade Security and Service
This new seamlessly functionality provide secure services to third-party applications, allowing a whole new class of applications to be developed!
We hope to hear about the services you build soon!