Hi team,

Ingesting events by webhook is a big time saver as Fivetran can expose a public endpoint and manage this for us. Nevertheless, it assumes the webhook event sender (or endpoint caller) will be controlled by Fivetran's customer, which is not my case.

The biggest pain is the configuration of the HMAC Authentication mechanism, where Fivetran expects the X-Fivetran-Hmac-Sign and X-Fivetran-Hmac-Algo headers. My (3rd party) source can send an HMAC header with a signature value for its events, but only in the X-Signature header with a sha512=<signature> value. Also, this source is the one generating the secret, and Fivetran cannot be configured to accept a different secret.

Since Fivetran is the solution for data transfer, I believe it should be more flexible in how to configure this authentication mechanism to be be able to accept common patterns seen in the industry. In summary:

1. Accept an external secret, instead of only its generated one.
2. Customize the header name in which to look for the HMAC signature, instead of the fixed X-Fivetran-Hmac-Sign one.
3. Customize the way to look for the HMAC algorithm, either another header name or in the prefix of the signature value (<algo>=<signature>) or just a dropdown selection in the connector setup, instead of the fixed X-Fivetran-Hmac-Algo header.

With these changes I believe the Webhook connector will be applicable to much more use cases. Please consider its implementation!