Rotating a webhook's secret

Rotating a webhook's secret in Global Commerce is an essential security measure ensuring the integrity and confidentiality of your webhooks. This process allows you to replace an existing webhook's secret with a new one, safeguarding your application against unauthorized access and potential security risks. By routinely updating webhook secrets, you enhance your security posture and maintain the trustworthiness of your service integration. Whether you suspect a compromise or are rotating secrets as a precautionary measure, Global Commerce provides a straightforward method to manage this process, including options for immediate replacement or a grace period for transition. This guide outlines the steps to safely and effectively rotate a webhook's secret in Global Commerce.

Secret rotation is necessary in several scenarios, including but not limited to:

1. Suspected compromise: If you suspect that your webhook's secret has been compromised, rotating it immediately helps protect against unauthorized access.

2. Routine security measures: As part of regular security hygiene, rotating secrets periodically reduce the risk of being discovered or misused.

3. Changes in integration: When there are significant changes in the systems or applications integrated with your Global Commerce webhooks, it's prudent to rotate secrets to ensure only authorized systems can communicate.

4. Policy compliance: Many organizations have policies requiring regular rotation of secrets to comply with industry standards and regulations.

When you rotate a webhook's secret in Global Commerce, you are presented with several Expiration Time options. These options determine when the new secret will become active and when the old secret will be invalidated. Here's what each option means:

• Immediately: The new secret is activated, and the old one becomes invalid. This is the best option if you suspect a compromise and need to secure your webhook immediately.

• 1 Hour: There's a one-hour grace period before the new secret is activated. Use this if you need a short window to update your systems without interrupting services.

• 3 Hours, 6 Hours, 12 Hours: These options provide longer grace periods, which are useful if multiple systems need the new secret and more time to update them all.

• 24 Hours: This option gives you a full day to transition to the new secret, minimizing the risk of service disruption for more complex integration setups.

Choosing the right expiration time depends on your operational requirements and the urgency of the secret rotation. For immediate security concerns, "Immediately" ensures the fastest protection. For planned rotations, choosing a longer duration allows for a smoother update process across your infrastructure without service interruption.

You can maintain up to five secrets per webhook. To rotate a webhook's secret:

1. Sign in to Global Commerce.

2. Select Administration, and then click Webhook Service. The Webhook Service page appears.

3. Find the webhook with the secret you want to rotate and click the Rotate Secret link. The Reveal Secret dialog appears.

4. Choose an expiration option from the Expiration Time list. Your options are Immediately, 1 Hour, 3 Hours, 6 Hours, 12 Hours, or 24 Hours.

5. Provide your Global Commerce username and click Rotate. Note that the Username field is case-sensitive. Click Reveal Secret if you want to see the new secret token.

After you rotate a webhook's secret in Global Commerce, follow these steps to ensure a smooth transition:

1. Update your systems: Immediately update all systems, applications, and integrations that use the webhook with the new secret to ensure uninterrupted service.

2. Test the webhook: Perform thorough testing to confirm that your systems can successfully receive and process webhook events using the new secret.

3. Monitor for issues: Monitor your webhook's logs and system notifications for any errors or irregularities that may indicate problems with the secret rotation.

4. Retire the old secret: Once you're confident that the new secret is working as expected and the grace period (if any) has passed, ensure no systems are still using it before it becomes invalid.