Answered

Missing "typeform-signature" header in webhooks

  • 7 November 2022
  • 2 replies
  • 124 views
J

Hello, we are using webhooks to receive responses from forms to our application. We’re validating requests to the webhook endpoint using HMAC as recommended here: https://developer.typeform.com/webhooks/secure-your-webhooks/

However, our server does not actually receive the `typeform-signature` header giving us nothing to check against. Below is an example list of headers we receive. Does the `typeform-signature` header need to somehow be enabled? 

 

  'user-agent': 'Typeform Webhooks',

  'content-length': '621',

  'accept-encoding': 'gzip',

  'cache-control': 'max-age=259200',

  'content-type': 'application/json',

  via: '1.1 squid-7d6c9d5675-vxb6w (squid/5.2)',

  'x-forwarded-for': '18.210.136.162',

  'x-forwarded-proto': 'http'

icon

Best answer by jackfischer11 7 November 2022, 19:19

View original

2 replies

J

Determined the issue was not supplying the `secret` field in the original `typeformAPI.webhooks.create` call to create the webhook configuration. 

andrew_videoask
Rank
Userlevel 7
Badge +5

@jackfischer11 Glad to hear you were able to get it sorted out. Thanks for the update!

If you can dream it, you can do it!

Reply


Still need help?

Don't be shy and ask the community.

Ask your question here!
Community T&Cs