On the off chance anyone else is wrestling with this, while I know how Ghost calculates the hash based on a secret to be passed via webhook header, and I’m using the same algorithm, I still can’t get it to match up with the hash being passed in the X-Ghost-Signature webhook header. crypto.createHma…

The signature includes a timestamp, you’ll need to strip it: [image] Issue Title: Unable to Verify Ghost Event Using Webhook Using Ghost You can set a webhook secret. Here’s how the secret is generated (tldr: hmac of the request payload signed with the shared secret): …

Calculating sha256 for Ghost webhook

Developer help

vikaspotluri123 January 25, 2024, 3:32am 2

The signature includes a timestamp, you’ll need to strip it:

Topic		Replies	Views
Ghost Webhook implementation example Developer help	5	2412	April 8, 2019
Support for Headers and Body in Webhooks Using Ghost	1	548	November 23, 2020
What Payloads do the Webhook events provide? Integrations & API	3	612	March 8, 2023
Timestamp service Ideas	0	486	February 1, 2019
Does Ghost backend have any log related to webhooks Developer help	5	460	June 17, 2020

Calculating sha256 for Ghost webhook

Related Topics