Checking X-Loop-Signature Header
Example Webhook Validation Endpoints
See the code snippet in this recipe:
🎣
Verify X-Loop-Signature Header
Open Recipe
When receiving a webhook from Loop, use the secret provided for the webhook to create a sha256 HMAC of the request encoded as a base64 value. You can then compare that HMAC to the value that was provided in the X-Loop-Signature
header of the request, to ensure that the values match. This will ensure that the request came from Loop.
Updated 12 months ago