NearIRM

Authentication

How to authenticate with NearIRM webhooks and APIs

Webhook Authentication

When sending alerts to NearIRM, authentication is built into the webhook URL. Each integration has a unique URL that includes an integration ID:

https://irm.nearlunar.com/api/webhooks/grafana/{integrationId}

The integrationId acts as the authentication token. Anyone with this URL can send alerts to your integration.

Security Best Practices

Keep URLs Private

  • Don't commit webhook URLs to public repositories
  • Use environment variables or secrets management
  • Rotate URLs if potentially compromised

Rotating Webhook URLs

If a URL is exposed:

  1. Go to Settings > Integrations
  2. Find the affected integration
  3. Click Regenerate URL
  4. Update your monitoring tool configuration

The old URL stops working immediately.

IP Allowlisting

NearIRM accepts webhooks from any IP address. If your monitoring tool supports it, you can limit outbound webhooks to known NearIRM IPs, but this is not required.

Dashboard Authentication

The NearIRM dashboard uses session-based authentication:

  1. Login - Email/password or magic link
  2. Session - Stored in secure HTTP-only cookie
  3. Expiry - Sessions expire after 30 days of inactivity

Multi-Organization Support

Users can belong to multiple organizations. The current organization context is stored in the session.

API Access

NearIRM currently provides webhook endpoints for alert ingestion. A full REST/GraphQL API for programmatic access is planned for future releases.

Alerts

Understand alert lifecycle, states, and available actions

Webhook Formats

Complete reference for NearIRM webhook payloads

On this page

Webhook AuthenticationSecurity Best PracticesKeep URLs PrivateRotating Webhook URLsIP AllowlistingDashboard AuthenticationMulti-Organization SupportAPI Access