Create webhook secrets to authenticate your webhook destinations using HTTP headers.

Creating a secret

You can create a secret by clicking the “New Secret” button in the Integrations —> Secrets view.
Creating a Secret is a secure, one-way operation. This means the Ghost platform can only create (write) secrets, but not read them. The service that sends the actual webhook events is granted read access to the secret.

Deleting a secret

If a secret is used by a webhook destination, you cannot delete it. You must first remove the secret from all webhook destinations. To delete a secret, click the context menu () and select “Delete” in the Integrations —> Secrets view.