Webhook Secret

フォローする

Ty Thorsen

• 2022年04月13日 22:45
• 編集済み

Question for securing a custom webhooks integration...

When you set a Secret value for a URL webhook, how is that value used? I'm not seeing anything come through in the request payload, nor the headers, that matches the value that I've set.

1

• 

  Todd Stoffer

  • 2022年04月21日 17:08

  Hi Ty Thorsen To validate the incoming webhook on your end you would need to take the message and generate the hash using whatever you type in the secret as the key to generate the hash. This article from Github also may help to provide some additional details - https://docs.github.com/en/developers/webhooks-and-events/securing-your-webhooks. So in the header of the webhook you will see the hash - then you recreate the hash on your side to validate the webhook. 

  0

  コメントアクション Permalink

サインインしてコメントを残してください。