Skip to main content

Get Support
Have a question? Let's get you an answer!

How Do I...? Troubleshooting Code & Webhooks Developer Zone

Other Help Resources
Wait, there's more! Check out these Community sourced spaces for additional resources.

Zapier Help Center Hire an Expert

Learning Resources
All of our best learning resources can be found here.

Featured Articles Show & Tell Zapier's products AI Hub Zapier Tools Hub

Share your knowledge
Give back to the Community by sharing your automation wins and helping to answer questions.

Share your success See unanswered questions User Groups

Other Learning Resources
Some of our favorite additional ways to upskill your Zapier knowledge.

Zapier Learn Zapier Blog Zapier Webinars

Product Updates
Check out what is new and upcoming with Zapier with our regular product updates.

Product Updates

Early Access Program
Want to join Early Access? Learn more here.

Best answer

Verify signature of incoming webhook

R

Hi,

I am using the Catch Raw Hook feature from Zapier.

 

My server will push events to that Raw Hook’s URL. I know that URL should be treated like a secret but as an additional guarantee I wanted to ensure in the Zap flow that the received message actually was sent from our servers.

 

Usually this is done by signing the message payload and including a header in the POST request.

 

I cannot seem to find a way to do signature verification in the Zap though.

The JavaScript code feature is limited and not allowed third party node modules such as crypto.

I tried using AWS lambda to do the verification on our side but even when throwing an exception in the lambda to indicate that the signature verification failed, the zap still continues to the next step.

 

Is this possible in any way?

Thanks,

Best answer by ralphsomedayBest answer by ralphsomeday

Hi Troy,

I finally managed to accomplish what I want using NodeJs Crypto module.

 

Thanks for your help,

View original
Did this topic help you find an answer to your question?
This post has been closed for comments. Please create a new post if you need help or have a question about this topic.

5 replies

Troy Tessalone
Forum|alt.badge.img+14

Hi @ralphsomeday 

The Zapier Webhooks app trigger does not currently support signature verification responses.

Try using: https://webhook.site/

⚡ Troy Tessalone - AutomationAce.com | Premier Certified Zapier Expert | #1 Zapier Community Contributor
R
  • ralphsomedayBeginner
  • Author
  • Beginner
  • 3 replies
  • July 30, 2021

What would https://webhook.site/ help me with?

Troy Tessalone
Forum|alt.badge.img+14

@ralphsomeday 

You can specify a response body to verify the signature request

 

⚡ Troy Tessalone - AutomationAce.com | Premier Certified Zapier Expert | #1 Zapier Community Contributor
R
  • ralphsomedayBeginner
  • Author
  • Beginner
  • 3 replies
  • Answer
  • August 2, 2021

Hi Troy,

I finally managed to accomplish what I want using NodeJs Crypto module.

 

Thanks for your help,

Danvers
1 person likes this
  • Danvers
    Danvers
Troy Tessalone
Forum|alt.badge.img+14

@ralphsomeday 

Would you mind sharing your code snippet for others to learn from? Thanks.

⚡ Troy Tessalone - AutomationAce.com | Premier Certified Zapier Expert | #1 Zapier Community Contributor
L
1 person likes this
  • L
    liger
Terms & Conditions