jeans/home-assistant.io
jeans/home-assistant.io
1
0
Fork 0
mirror of https://github.com/home-assistant/home-assistant.io.git synced 2025-07-16 05:46:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Describe webhook trigger allowed_methods/local_only options (#21637)

Browse Source 
Co-authored-by: Franck Nijhof <frenck@frenck.nl>
This commit is contained in:
Eric Severance 2023-04-14 03:58:28 -07:00 committed by GitHub
parent 6c49322ac3
commit 22e86c1d4d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
source/_docs/automation/trigger.markdown
View File

@ -786,6 +786,10 @@ automation:
trigger:
- platform: webhook
webhook_id: "some_hook_id"
allowed_methods:
- POST
- PUT
local_only: true
```
You can run this automation by sending an HTTP POST request to `http://your-home-assistant:8123/api/webhook/some_hook_id`. Here is an example using the **curl** command line program, with an example form data payload:
@ -794,7 +798,9 @@ You can run this automation by sending an HTTP POST request to `http://your-home
curl -X POST -d 'key=value&key2=value2' https://your-home-assistant:8123/api/webhook/some_hook_id
```
Webhooks support HTTP POST, PUT, and HEAD requests; POST requests are recommended. HTTP GET requests are not supported.
Webhooks support HTTP POST, PUT, HEAD, and GET requests; PUT requests are recommended. HTTP GET and HEAD requests are not enabled by default but can be enabled by adding them to the `allowed_methods` option. The request methods can also be configured in the UI by clicking the settings gear menu button beside the Webhook ID.
By default, webhook triggers can only be accessed from devices on the same network as Home Assistant or via [Nabu Casa Cloud webhooks](https://www.nabucasa.com/config/webhooks/). The `local_only` option should be set to `false` to allow webhooks to be triggered directly via the internet. This option can also be configured in the UI by clicking the settings gear menu button beside the Webhook ID.
Remember to use an HTTPS URL if you've secured your Home Assistant installation with SSL/TLS.
@ -817,6 +823,7 @@ Webhook endpoints don't require authentication, other than knowing a valid webho
- Do not use webhooks to trigger automations that are destructive, or that can create safety issues. For example, do not use a webhook to unlock a lock, or open a garage door.
- Treat a webhook ID like a password: use a unique, non-guessable value, and keep it secret.
- Do not copy-and-paste webhook IDs from public sources, including blueprints. Always create your own.
- Keep the `local_only` option enabled for webhooks if access from the internet is not required.
## Zone trigger