top | item 28068124

(no title)

Hey! Yes we do, you can either verify the webhooks yourself as you normally would (we do not alter the payload, usual verification will work) or have Hookdeck verify the signature and resign it with a Hookdeck signature associated with your workspace.

For Stripe specifically, the later is best because of the encoded timestamp in the hmac signature and that's what we do for our own Stripe webhooks.

Does that make sense?

discuss

No comments yet.