Using HMAC256 in webhook

linhnh19 · October 7, 2020, 7:18am

I want to create a webhook trigger when a license is updated and struggle with webhook authorization.
The “HMAC256” algorithm requires a secret key and a “password” to generate a signature.

From the doc, I know that “Token” is The secret key. So where I can config the “password”?

admin · October 7, 2020, 7:42am

Hi,

HMAC algo requires secret and data. Secret key (or password) in this case is token and data is the whole JSON.

linhnh19 · October 7, 2020, 8:40am

So it is the body of the request right?
Thanks

admin · October 7, 2020, 9:21am

Correct, it is the request body.