How to validate the authenticity of a webhook payload?
Hi, We are currently working on integrating the API of quarterly payments, and we saw that part of it works with a webhook. It's a common practice to use a signed signature that could be validated on the receiving end, in order to make sure the source of the webhook is valid and trusted. This could help as a reference implementation: https://docs.github.com/en/developers/webhooks-and-events/securing-your-webhooks
Posted by Dotan Simha 8 months ago