Alex Dowbor
03/24/2022, 2:52 PMPeer
Peer
Alex Dowbor
03/24/2022, 5:40 PMPeer
Alex Dowbor
03/24/2022, 8:12 PMAlex Dowbor
03/24/2022, 8:17 PMPeer
Peer
Alex Dowbor
03/24/2022, 10:11 PMPeer
Ali
03/25/2022, 4:40 AMOne more thing @Peer, @Bailey does your webhook issue a security signature that we can verify as part of the payload? Do you have docs/samples on that regard? We are trying to ensure the request is a trusted request.Currently we don't but I think it's a good idea to do that. I'll add this to TODO for the coming weeks/months.
Alex Dowbor
03/25/2022, 12:49 PMfunction getSignature(authToken, url, params) {
// get all request parameters
var data = Object.keys(params)
// sort them
.sort()
// concatenate them to a string
.reduce((acc, key) => acc + key + params[key], url);
return crypto
// sign the string with sha1 using your AuthToken
.createHmac('sha1', authToken)
.update(Buffer.from(data, 'utf-8'))
// base64 encode it
.digest('base64');
}
Alex Dowbor
03/26/2022, 12:42 AMAli
03/26/2022, 6:20 AMAli
04/06/2022, 11:57 AMAlex Dowbor
04/06/2022, 1:41 PMAli
04/06/2022, 4:07 PMAlex Dowbor
04/06/2022, 4:50 PM