I am using the Catch Raw Hook feature from Zapier.
My server will push events to that Raw Hook’s URL. I know that URL should be treated like a secret but as an additional guarantee I wanted to ensure in the Zap flow that the received message actually was sent from our servers.
Usually this is done by signing the message payload and including a header in the POST request.
I cannot seem to find a way to do signature verification in the Zap though.
I tried using AWS lambda to do the verification on our side but even when throwing an exception in the lambda to indicate that the signature verification failed, the zap still continues to the next step.
Is this possible in any way?
Best answer by ralphsomedayView original