Verify signature of incoming webhook

Hi,

I am using the Catch Raw Hook feature from Zapier.

My server will push events to that Raw Hook’s URL. I know that URL should be treated like a secret but as an additional guarantee I wanted to ensure in the Zap flow that the received message actually was sent from our servers.

Usually this is done by signing the message payload and including a header in the POST request.

I cannot seem to find a way to do signature verification in the Zap though.

The JavaScript code feature is limited and not allowed third party node modules such as crypto.

I tried using AWS lambda to do the verification on our side but even when throwing an exception in the lambda to indicate that the signature verification failed, the zap still continues to the next step.

Is this possible in any way?

Thanks,

Page 1 / 1

Hi @ralphsomeday

The Zapier Webhooks app trigger does not currently support signature verification responses.

Try using: https://webhook.site/

What would https://webhook.site/ help me with?

@ralphsomeday

You can specify a response body to verify the signature request

Hi Troy,

I finally managed to accomplish what I want using NodeJs Crypto module.

Thanks for your help,

@ralphsomeday

Would you mind sharing your code snippet for others to learn from? Thanks.

Useful links

Code of conduct

Using the Community

Community expectations

Useful links

Code of conduct

Using the Community

Community expectations

Sign up

Use your Zapier credentials

Log in to the Community

Use your Zapier credentials

Scanning file for viruses.

This file cannot be downloaded