Skip to main content

Hi,

I am using the Catch Raw Hook feature from Zapier.

 

My server will push events to that Raw Hook’s URL. I know that URL should be treated like a secret but as an additional guarantee I wanted to ensure in the Zap flow that the received message actually was sent from our servers.

 

Usually this is done by signing the message payload and including a header in the POST request.

 

I cannot seem to find a way to do signature verification in the Zap though.

The JavaScript code feature is limited and not allowed third party node modules such as crypto.

I tried using AWS lambda to do the verification on our side but even when throwing an exception in the lambda to indicate that the signature verification failed, the zap still continues to the next step.

 

Is this possible in any way?

Thanks,

Hi @ralphsomeday 

The Zapier Webhooks app trigger does not currently support signature verification responses.

Try using: https://webhook.site/


What would https://webhook.site/ help me with?


@ralphsomeday 

You can specify a response body to verify the signature request

 


Hi Troy,

I finally managed to accomplish what I want using NodeJs Crypto module.

 

Thanks for your help,


@ralphsomeday 

Would you mind sharing your code snippet for others to learn from? Thanks.