#23463: Cron: require authenticated webhook delivery
Labels: docs, gateway, size: M, trusted-contributor
Cluster: Cron Job Stability Fixes
## Summary
- require authenticated cron webhook delivery for `delivery.mode = "webhook"`
- reject cron add/update webhook jobs when `cron.webhookToken` is missing
- skip runtime webhook sends when token is absent (no unauthenticated fallback)
- keep auth header explicit on webhook POST (`Authorization: Bearer <cron.webhookToken>`)
- update cron docs/config reference/control-ui docs to match enforced behavior
## Why
Webhook delivery without auth is a high-risk footgun. This change makes unauthenticated webhook delivery impossible by default for webhook-mode jobs.
## Testing
- `pnpm test src/cron/service.jobs.test.ts src/cron/service.get-job.test.ts src/gateway/server-cron.test.ts`
- `pnpm test:e2e src/gateway/server.cron.e2e.test.ts`
- `pnpm check`
<!-- greptile_comment -->
<h3>Greptile Summary</h3>
Enforces authenticated webhook delivery for cron jobs by requiring `cron.webhookToken` for `delivery.mode = "webhook"` jobs. Jobs are rejected at creation/update time when the token is missing, and runtime webhook sends are skipped (with warning) when the token is absent. Legacy `notify: true` jobs remain backwards-compatible but will skip webhook delivery without a token. Documentation updated across all references to clarify the requirement.
<h3>Confidence Score: 5/5</h3>
- This PR is safe to merge with no issues identified
- The implementation is thorough with validation at both creation/update time and runtime. Test coverage is comprehensive including unit and e2e tests. Documentation is consistent across all references. The security improvement eliminates unauthenticated webhook delivery while maintaining backwards compatibility for legacy jobs. Code follows existing patterns and includes proper error messages.
- No files require special attention
<sub>Last reviewed commit: 6dfe67f</sub>
<!-- greptile_other_comments_section -->
<!-- /greptile_comment -->
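The two enforcement points described above (reject at add/update, skip at runtime) plus a receiver-side check of the `Authorization: Bearer` header, as an added example that is not code from this PR or the project. All type and function names and the `delivery.url` field are hypothetical, treating a whitespace-only token as missing is an assumption, and the receiver-side comparison goes beyond what the PR itself covers.

```typescript
import { createHash, timingSafeEqual } from "node:crypto";

// Hypothetical shapes for this sketch; only `delivery.mode = "webhook"` and
// `cron.webhookToken` are taken from the PR description.
type CronConfig = { webhookToken?: string };
type CronJob = { id: string; delivery: { mode: string; url?: string } };
type WebhookRequest = { url: string; headers: Record<string, string>; body: string };

// Assumption: an empty or whitespace-only token counts as missing.
function normalizeToken(cfg: CronConfig): string | undefined {
  const token = cfg.webhookToken?.trim();
  return token ? token : undefined;
}

// Add/update path: refuse to store a webhook-mode job that could never be sent authenticated.
function validateJob(job: CronJob, cfg: CronConfig): void {
  if (job.delivery.mode === "webhook" && !normalizeToken(cfg)) {
    throw new Error(`job ${job.id}: delivery.mode "webhook" requires cron.webhookToken`);
  }
}

// Runtime path: the token may have been removed after the job was stored, so
// re-check and return null (skip) instead of falling back to an unauthenticated POST.
function buildWebhookRequest(job: CronJob, cfg: CronConfig, payload: unknown): WebhookRequest | null {
  const token = normalizeToken(cfg);
  if (!token || !job.delivery.url) return null;
  return {
    url: job.delivery.url,
    headers: { "Content-Type": "application/json", Authorization: `Bearer ${token}` },
    body: JSON.stringify(payload),
  };
}

// Receiver side: hash both values so timingSafeEqual always gets equal-length
// buffers and the comparison does not leak where the first mismatch occurs.
function verifyBearer(authHeader: string | undefined, expected: string): boolean {
  const presented = /^Bearer (.+)$/.exec(authHeader ?? "")?.[1];
  if (!presented || !expected) return false;
  const digest = (s: string) => createHash("sha256").update(s, "utf8").digest();
  return timingSafeEqual(digest(presented), digest(expected));
}

// Constructed sample values (not from the PR).
const sampleJob: CronJob = { id: "job-1", delivery: { mode: "webhook", url: "https://hooks.example.test/cron" } };
const sampleSent = buildWebhookRequest(sampleJob, { webhookToken: "constructed-token" }, { status: "ok" });
console.log(sampleSent?.headers.Authorization, verifyBearer(sampleSent?.headers.Authorization, "constructed-token"));
```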
## Most Similar PRs
- #19767: cron: validate webhook delivery targets on create · by advaitpaliwal · 2026-02-18 · 85.5%
- #20329: Fix cron.run WS blocking and harden delivery recovery · by guirguispierre · 2026-02-18 · 73.7%
- #11216: Fix nightly failures: cron webchat delivery result + media cleanup ... · by DeanoC · 2026-02-07 · 73.4%
- #5498: Cron: honor next-heartbeat · by sebslight · 2026-01-31 · 72.8%
- #19998: macOS: harden cron editor updates and compatibility · by tobiasbischoff · 2026-02-18 · 72.5%
- #8698: fix(cron): default enabled to true for new jobs · by emmick4 · 2026-02-04 · 71.7%
- #18743: Cron Tool Hardening: Normalize Gateway Params and Enforce Valid Sch... · by cccat6 · 2026-02-17 · 71.7%
- #6522: fix(cron): deliver original message when agent response is heartbea... · by sidmohan0 · 2026-02-01 · 71.5%
- #12086: fix(cron): ensure timer callback fires for scheduled jobs · by divol89 · 2026-02-08 · 71.4%
- #21014: fix(cron): suppress main-session summary for HEARTBEAT_OK responses · by nickjlamb · 2026-02-19 · 70.4%