What login and password are for when creating a webhook
The login and password fields are needed if the webhook endpoint on your side is protected with Basic Auth. In this case, we use these credentials when sending HTTP requests with events to your endpoint.
When the fields are needed
Specify login and password when creating a webhook if your server accepts incoming webhooks only after Basic Auth.
For example, your endpoint may require an authorization header before it accepts an event from Kinescope. Then the login and password from the webhook settings are used to access that endpoint.
When the fields are not needed
If the endpoint is open for incoming webhooks or uses another verification method, you can leave login and password empty.
In this case, make sure the endpoint is still protected in a way that works for you: for example, it accepts requests only over HTTPS, validates the request source, or uses custom server-side verification.
What to keep in mind
login and password are not credentials for your Kinescope account. They are credentials for your endpoint if it is protected with Basic Auth.
Do not use a personal account or control panel password in these fields. Create separate credentials for the webhook endpoint.