Secure Webhooks

Hello,

My question is related to the authenticity check of the webhook events. I have successfully registered the webhook, but my authenticity check fails for some reason. What exactly is meant by the request body in point 4: (https://developers.wrike.com/webhooks/) -> hmacSha256(key: secret, value: request body) . What exactly is being hashed by Wrike? I have tried to hash the req.body and also the req.body[0], both formatted and simply as a string, unfortunately none of these variants resulted in the same hash as the x-hook-secret header. Now I'm a little confused, could someone help me with this?

 

0
👍 Spot On 💡 Innovative Approach 💪 Stellar Advice ✅ Solved 🪄 Remove Kudos
1 comentário

Hi Max Krägeloh, welcome to the forums! We'll need tech assistance here, so I've asked our API experts to reach out to you about your question 👍 Feel free to let the Community know here once you speak with our Support 🙂

Lisa Community Team at Wrike Wrike Product Manager Become a Wrike expert with Wrike Discover

Lisa Wrike Team member Become a Wrike expert with Wrike Discover

0
👍 Spot On 💡 Innovative Approach 💪 Stellar Advice ✅ Solved 🪄 Remove Kudos

Folllowing List for Post: Secure Webhooks
[this list is visible for admins and agents only]

Alto
Didn’t find what you were looking for? Write new post