On the off chance anyone else is wrestling with this, while I know how Ghost calculates the hash based on a secret to be passed via webhook header, and I’m using the same algorithm, I still can’t get it to match up with the hash being passed in the X-Ghost-Signature webhook header. crypto.createHma…

The signature includes a timestamp, you’ll need to strip it: [image] Issue Title: Unable to Verify Ghost Event Using Webhook Using Ghost You can set a webhook secret. Here’s how the secret is generated (tldr: hmac of the request payload signed with the shared secret): …

Calculating sha256 for Ghost webhook

Developer help

vikaspotluri123 January 25, 2024, 3:32am 2

The signature includes a timestamp, you’ll need to strip it:

Topic		Replies	Views
Webhook signature mismatch - secret and body checked Bugs	3	79	February 26, 2025
Issue Title: Unable to Verify Ghost Event Using Webhook Using Ghost	17	912	December 12, 2024
Wehbook validation, in phython Using Ghost	2	89	August 25, 2024
Is there any way to add custom header to webhooks? Integrations & API	4	901	December 19, 2024
Ghost Webhook - HTTP Basic Authentication Developer help	3	1330	April 10, 2019

Calculating sha256 for Ghost webhook

Related topics