On the off chance anyone else is wrestling with this, while I know how Ghost calculates the hash based on a secret to be passed via webhook header, and I’m using the same algorithm, I still can’t get it to match up with the hash being passed in the X-Ghost-Signature webhook header. crypto.createHma…

The signature includes a timestamp, you’ll need to strip it: [image] Issue Title: Unable to Verify Ghost Event Using Webhook Using Ghost You can set a webhook secret. Here’s how the secret is generated (tldr: hmac of the request payload signed with the shared secret): …

Calculating sha256 for Ghost webhook

Developer help

vikaspotluri123 January 25, 2024, 3:32am 2

The signature includes a timestamp, you’ll need to strip it:

Topic		Replies	Views
Webhook signature mismatch - secret and body checked Bugs	3	66	February 26, 2025
Wehbook validation, in phython Using Ghost	2	71	August 25, 2024
Is there any way to add custom header to webhooks? Integrations & API	4	835	December 19, 2024
Issue Title: Unable to Verify Ghost Event Using Webhook Using Ghost	17	839	December 12, 2024
Clarification of Ghost Webhook Documentation Developer help	2	1026	May 30, 2020

Calculating sha256 for Ghost webhook

Related topics