How to add authorization to a Contentful webhook so it triggers a GitHub action?

Question

I've got a simple Gatsby site that pulls some content from a Contentful CMS. The repo is set up to publish to GitHub pages via an action that's triggered on commits to main. That all works.

Now I'm trying to add a webhook to Contentful to trigger that action when new content is published. I've created the webhook and added a secret header, putting token in the Key field and the personal access token from GitHub in the Value field. When I test the webhook, I see the token field being sent to GitHub, but it always responds with a 404.

What am I doing wrong?

Answer 1

Being an auth newbie, I now realize I wasn't setting up the header correctly. Since the examples showed a token string before the personal access token, I used that as the header key, and put the PAT in the value field. This post helped me realize the obvious point that the header is called Authorization, so I needed to include that. So I put Authorization: token in the Key field and the PAT in the Value field.

But that doesn't work either, because Contentful correctly doesn't allow colons in the key string. You have to actually put token (with a space) in the Value field, as a prefix to the PAT, which starts with ghp_. The Value field's text is hidden, so you'll probably want to type out the token ghp_... string somewhere else and copy/paste into Contentful. An ugly ASCII version of the dialog is shown below.

tl;dr

Key (required):
[Authorization                ]    

Value (required): 
[token ghp_a1b2c3456...       ]  (<-- this will show as just ****)