GrowSurf-Signature
will be included in the header of all outgoing requests to your webhook endpoint.GrowSurf-Signature
. You will need to compute a hash once the payload is received and compare it against the GrowSurf-Signature
value provided by GrowSurf within the header. Those steps are outlined below.GrowSurf-Signature
header contains a timestamp and a signature hash value. The timestamp is prefixed by ts=
, and the signature value is prefixed by v=
.,
character as the separator to get a list of elements. Then split each element using the =
character as the separator to get a key/value pair.
The value for key/prefix ts
corresponds to the timestamp and the v
key/prefix corresponds to the signature you will use to compare your generated hash against.ts
.
SHA256
hash function. Use the endpoint's signing secret token as the key (which you added in the Options step in the Campaign Editor), and use the signed payload string from Step 2 as the message.ts
. Then decide if the difference is within your tolerance.