I am planning to receive GCP Stackdriver alerts via webhooks on an on-premise network. I need some recommendations on how to manage privacy and authentication. I will be using an SSL-enabled endpoint URL, and I am trying to find documentation on setting up token authentication, or even the possibility of whitelisting IP addresses/domains on my on-premise firewall.
Stackdriver can use basic authentication (so you definitely want to use SSL/TLS). In the UI, check the checkbox for basic auth and enter a username and password. I recommend choosing a strong, high-entropy password. You can read more on basic authentication here, but the basic idea is that your endpoint will receive a request with a header that looks like this:
Authentication: Basic <Base64 Value>
Simply pull the Authentication header value, strip off Basic (including the space) from the beginning and base64 decode the rest. The base64 decoded value should just be username:password. Check that that matches what you have stored and you should be good to go.
Additionally, you can get the list of Google Uptime IP addresses here and check that the IP address the request came from matches those. I'd recommend this only as a second factor to the basic auth as any change on Google's side could result in either rejection of legitimate traffic or allowance of non-legitimate traffic on your side.
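An added example (not part of the original answer) of the checks described above, as they might look in a Python webhook receiver. HTTP Basic credentials arrive in the standard `Authorization` request header; the username, the password, the `ALLOWED_NETS` placeholder ranges and all function names are assumptions made for illustration.

```python
import base64
import hmac
import ipaddress

# Constructed sample values; load real ones from a secret store, not source code.
EXPECTED_USER = "alert-hook"
EXPECTED_PASSWORD = "constructed-example-password"
# Placeholder ranges (RFC 5737 documentation nets), NOT Google's published list.
ALLOWED_NETS = [ipaddress.ip_network("192.0.2.0/24")]


def parse_basic(header_value):
    """Return (username, password) from a Basic header value, or None if malformed."""
    if not header_value:
        return None
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers bad base64, non-ASCII input and invalid UTF-8
        return None
    user, sep, password = decoded.partition(":")  # the password may contain ':'
    return (user, password) if sep else None


def credentials_ok(header_value):
    creds = parse_basic(header_value)
    if creds is None:
        return False
    # Constant-time comparison; both fields are always evaluated.
    user_ok = hmac.compare_digest(creds[0].encode(), EXPECTED_USER.encode())
    pass_ok = hmac.compare_digest(creds[1].encode(), EXPECTED_PASSWORD.encode())
    return user_ok and pass_ok


def source_ip_ok(remote_addr):
    try:
        ip = ipaddress.ip_address(remote_addr)
    except ValueError:
        return False
    return any(ip in net for net in ALLOWED_NETS)


def authorize(headers, remote_addr):
    """HTTP status for a webhook request: 401 bad credentials, 403 bad source, 200 ok."""
    if not credentials_ok(headers.get("Authorization")):
        return 401
    # The source address is only a second factor, checked after the credentials.
    return 200 if source_ip_ok(remote_addr) else 403
```

If the receiver sits behind a reverse proxy, `remote_addr` must be the client address as reported by a proxy you control, not a client-supplied header.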