Secure Webhooks
Hello,
My question is related to the authenticity check of the webhook events. I have successfully registered the webhook, but my authenticity check fails for some reason. What exactly is meant by the request body in point 4: (https://developers.wrike.com/webhooks/) -> hmacSha256(key: secret, value: request body) . What exactly is being hashed by Wrike? I have tried to hash the req.body and also the req.body[0], both formatted and simply as a string, unfortunately none of these variants resulted in the same hash as the x-hook-secret header. Now I'm a little confused, could someone help me with this?
Hi Max Krägeloh, welcome to the forums! We'll need tech assistance here, so I've asked our API experts to reach out to you about your question 👍 Feel free to let the Community know here once you speak with our Support 🙂
Lisa Community Team at Wrike Wrike Product Manager Become a Wrike expert with Wrike Discover
Lisa Wrike Team member Become a Wrike expert with Wrike Discover