>It is important to note that with HTTP Basic Authentication the provided username and password are not encrypted.
In some cases your webhook may need to authenticate with another service. You can set the basic `Authentication` header with a username and password. For these use cases we expose the following additional parameters:
*`auth` - Sets the request's `Authorization` header to use HTTP Basic Authentication with the provided username and password below.
*`username` - The username as a string.
*`password` - The password as a string.
Example configuration to include HTTP Basic Authentication:
```yaml
notify:
webhook:
method: POST
auth:
username: $$USERNAME
password: $$PASSWORD
urls:
- https://tower.example.com/...
```
## Debugging Webhooks
>If you have private variables that are encrypted and hidden in `.drone.sec`, remember that the `debug` flag may print out those sensitive values. Please use `dubug: true` wisely.
In some cases complicated webhooks may need debugging to ensure `urls`, `template`, `auth` and more a properly configured. For these use cases we expose the following `debug` parameter:
*`debug` - If `debug: true` it will print out each URL request and response information.
Example configuration to include the `debug` parameter: