This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Docs Support
Docs Support
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Fivetran Webhook API - Webhook Payload

padmaashini
New Contributor

‎08-10-2023 02:10 PM

Hi, 

I created a webhook with a secret through REST API according to https://fivetran.com/docs/rest-api/webhooks#signing. However, my webhook payload does not include a signature in its headers. Any help on this would be appreciated, thanks!

Labels:
0 Kudos
1 REPLY 1

imutkarshpatil
New Contributor

‎08-28-2023 11:31 AM

Before we try to resolve this issue, can you confirm using this API you are seeing the secret value set in the response body?

If yes, you should have the signature available in the webhook request header as request.headers['x-fivetran-signature-256']

Below is the sample code in javascript for the verification:

import { createHmac } from 'crypto';

const signatureSecret = <YOUR_SECRET>;

const checkSignature = (request) => {
    const actualSignature = request.headers['x-fivetran-signature-256'];
    if (actualSignature && signatureSecret) {
        const expectedSignature = createHmac('sha256', signatureSecret).update(request.body).digest('hex');
        if (actualSignature.toUpperCase() === expectedSignature.toUpperCase()) {
            console.log(green('Signature OK'));
            // Return true if the signature is valid
            return true;
        } else {
            console.log(red('Signature mismatch'));
            // Return false if the signature is invalid
            return false;
        }
    }
};