As shown in the Why Verify section, verifying incoming webhooks is very important. This section describes how to do it.
First install the libraries if you haven't already:
Gradle: Add this dependency to your project's build file:
Maven: Add this dependency to your project's POM:
On macOS install via Homebrew:
On Windows install via Scoop:
For other platforms, such as linux, checkout the CLI docs on Github.
Then verify webhooks using the code below. The payload is the raw (string) body of the request, and the headers are the headers passed in the request.
The signature you should get from where you added the endpoint, e.g. the application portal.
No easy way to verify the signature just with cURL.
Here are examples on how to adjust the above examples to your favourite framework!
Once you've setup your project add a route to your
config/routes.rb file at the top of the
The route above declares that
POST /webhook requests are mapped to the index action of
WebhookController and its index action, we'll run the controller generator (with the
--skip-routes option because we already have an appropriate route):
Rails will create several files for you:
Now we can add our verification logic to the newly created
routes/api.php file add the following after the last use directive: