# Using OAuth 2.0 Authentication for Your Custom Webhook

{% hint style="info" %}
If your custom webhook uses basic authentication or token authentication, see [Webhook Authentication](https://docs.thousandeyes.com/product-documentation/alerts/standard-notification-methods/classic-webhooks-for-alert-notifs#webhook-authentication) for configuration details.
{% endhint %}

### Using an OAuth Code

If your webhook uses OAuth 2.0, do the following when you [create the webhook](https://docs.thousandeyes.com/product-documentation/integration-guides/custom-webhooks):

1. In the **Add New Custom Integration** panel, in the **Auth Type** field, select **OAuth Code**.
2. \[Optional] If your auth server performs verification on the redirect URI, provide the following: `https://app.thousandeyes.com/namespace/integrations/AuthCallbackPage.html`
3. Provide the required information for the resulting fields:
   * **Auth URL**
   * **Token URL**
   * **Client ID**
   * **Client Secret**
4. In the **Token** field, click **Get Token**.
5. Log in to authorize the ThousandEyes platform.

   When the login and token retrieval processes are successful, the form displays your token.
6. Save your webhook.

### Using OAuth Client Credentials

If your webhook uses OAuth client credentials, do the following when you [create the webhook](https://docs.thousandeyes.com/product-documentation/integration-guides/custom-webhooks):

1. In the **Add New Custom Integration** panel, in the **Auth Type** field, select **OAuth Client Credentials**.
2. Provide the required information for the resulting fields:
   * **Token URL**
   * **Client ID**
   * **Client Secret**
3. In the **Token** field, click **Get Token**.
4. Log in to authorize the ThousandEyes platform.

   When the login and token retrieval processes are successful, the form displays your token.
5. Save your webhook.

### Troubleshooting

Some OAuth servers require clients that wish to authenticate into them to supply an optional query parameter called **state**. Currently, ThousandEyes custom webhooks do not support this optional parameter. Custom webhook authentication will fail if this parameter is requested. If your authentication is failing, check your OAuth configuration to see if it requires the **state** parameter. If it does, you can:

* Try another authentication method.
* Supply the **state** parameter yourself:
  1. Send a request to retrieve the **state** parameter code.
  2. Using the code received, send another request to retrieve the authorization token.
  3. Paste that token into the **Token** field instead of clicking **Get Token** in step 3, above.

For a description of the authorization code flow, see [Auth0's overview](https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow).