Webhook Secret
Question for securing a custom webhooks integration...
When you set a Secret value for a URL webhook, how is that value used? I'm not seeing anything come through in the request payload, nor the headers, that matches the value that I've set.
1
コメント
Hi Ty Thorsen To validate the incoming webhook on your end you would need to take the message and generate the hash using whatever you type in the secret as the key to generate the hash. This article from Github also may help to provide some additional details - https://docs.github.com/en/developers/webhooks-and-events/securing-your-webhooks . So in the header of the webhook you will see the hash - then you recreate the hash on your side to validate the webhook.
サインインしてコメントを残してください。