Webhook Injections


A webhook is used to inject messages into the Security Flow Flows engine using an HTTP operation from an external source, such as a script or external tool. Many products and services can be configured to perform a webhook call out into Security Flow. The following list is a small sampling of products with webhook support. These allow for immediate support of external products or services which can be used to trigger actions within the Security Flow Flows engine.


The Nevelex Labs Security Flow system is configured with a default webhook username and password for basic authorization. As a recommended practice, change the username and password via the settings screen.

Webhook Defaults
Setting Value Notes
User Name webhook The basic auth username. This is a configurable parameter on the settings screen.
Password AllowRequest The basic auth password. This is a configurable parameter on the settings screen. It is required that you change this password.
Additional Request Header X-SF-API-Caller Use any meaningful value for the header. Use inject as a reasonable default value.


Import the Webhook Echo Sample from the Flows Library for an example. The following example curl command shows how to use a curl command to send a webhook request into the flow.

curl -X POST -H "X-SF-API-Caller: inject;" -H "Content-Type: application/json" https://[sfHostName]/webhook/sample/ --user webhook -d '{"test":"This is my sample message."}'

Nevelex Labs, Main Office

Metro Office Park
2950 Metro Drive, Suite 104
Bloomington, MN 55425
Phone: +1 952-500-8921

©Nevelex Labs, LLC. 2018-2024, All Rights Reserved.