Using HMAC256 in webhook

I want to create a webhook trigger when a license is updated and struggle with webhook authorization.
The “HMAC256” algorithm requires a secret key and a “password” to generate a signature.

From the doc, I know that “Token” is The secret key. So where I can config the “password”?


HMAC algo requires secret and data. Secret key (or password) in this case is token and data is the whole JSON.

1 Like

So it is the body of the request right?

Correct, it is the request body.