Question

Webhook - Can payload be decrypted

  • 3 May 2021
  • 1 reply
  • 19 views

Hello!

I am not currently a Zapier customer but a potential integrator for our customers that use this service.

We’re looking to possibly use a webhook to send some information, which could be sensitive in some cases. We were thinking of encrypting the JSON payload with a shared secret.

With Zapier, would a customer receiving this encrypted payload be able to decrypt it in Zapier to then process that data how they wish?

Thank you!


1 reply

Userlevel 6
Badge +9

That’s possible, but you might consider that the message is sent from your app to Zapier via HTTPS and is thus already encrypted.

What some have asked for is the ability to provide a digest of the message, to ensure the message integrity. This is possible, assuming you implement key agreement during hook subscription, or as part of auth.

Reply