Knox Webhook Notification 25.04 release notes

Prevention of replay attacks

To prevent replay attacks, a new header parameter x-knox-nonce, is introduced in callback POST requests sent to the Create subscription endpoint. The x-knox-nonce is a unique identifier that is generated and included in each callback triggered by Knox cloud services subscription events.

Each callback request contains a unique nonce value. The receiving server can validate that the nonce has not been previously used. If the server detects a duplicate nonce, it should reject the request and prevent further processing. This security enhancement ensures every callback request is unique and verifiable, mitigating the risk of replay attacks.

Back to release notes