Secure your Webhook
Learn how to verify webhook signatures to make sure malicious actors can't send fake data to your server
Terra will always sign the webhook events it sends to your endpoint by including a signature in each event’s terra-signature header. This allows you to verify that the events were sent by Terra and not by a malicious third party. You can verify signatures either using our official libraries, or manually using your own solution.
🔐
Webhook Signature Verification
Open Recipe
Using the raw request body
Make sure that the payload used by the signature verification function is the raw, unaltered payload straight from the incoming POST request.
i.e. do not load the JSON as an object, then pass it into the function
Updated 6 months ago