---
title: Additional Authentication | SafetyKit
description: Deploy AI agents to automate risk reviews, onboarding, and investigations. Trusted by leading marketplaces and fintech platforms.
---

SafetyKit signs all webhooks in order to ensure the security and authenticity of all webhook requests.

This security mechanism is already sufficient (and better) than other methods such as HTTP Basic Authentication, or using an authentication token. However, some systems and IT departments have varying requirements for any HTTP request hitting their services (including webhooks), so SafetyKit has built-in support for these additional authentication modes.

## HTTP Basic Authentication

HTTP Basic Authentication (Basic Auth), is a common way of sending a username and password along with a request. While there are different ways of passing these credentials, the simplest and most common way is to include it as part of the URL before the domain:

```
https://USERNAME:PASSWORD@example.com/safetykit/webhooks/
```

## Header-based authentication

Some systems require specific headers to be present in the request in order to be accepted by their load balancers or application servers. Often, this takes the form of a specific authentication token passed in the `Authorization` header.

SafetyKit supports configuring custom headers to be sent on every request to a webhook endpoint on our [Developer page](https://app.safetykit.com/t/_current/developer).

## Firewalls (IP blocking)

Many, often larger, organizations have strict firewall rules for which IPs are allowed to send traffic to their systems. While this is not a very strong security mechanism on its own, it’s often useful when used in conjunction with other methods (such as webhook signatures).

In order to support these organizations and their requirements, SafetyKit only sends webhooks requests from the IP addresses below:

```
44.228.126.217
50.112.21.217
52.24.126.164
54.148.139.208
```