Before you post: Your responses to these questions will help the community help you. Please complete this template if you’re asking a support question. Don’t forget to select tags to help index your topic!
1. Describe your incident:
Hello,
We are working with Graylog5 and I’d like to setting up Alerts with HTTP Notification linked to our API in AWS.
It works fine without API KEY but when I configure it (api key) in Graylog Notification, it response " Error: Expected successful HTTP response [2xx] but got [403].".
I don’t know if it need a specific name for “api key”…
I tested the API with postman and curl from instance where the graylog server is and it worked fine.
You are right, security of API-keys is a bit more involved.
When sending via SSL, the query string is also encrypted. In that sense it isn’t any less secure than putting the key in a header. But URLs may get logged or passed as referrer headers, exposing the key. Headers are better in that regard.
API-Keys shouldn’t be used for authentication anyway. Here is a pretty good discussion: