You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Per the Wise webhook events documentation, a X-Signature-SHA256 HTTP header is available to verify the authenticity and integrity of webhook requests.
It'd be useful to provide a way to verify this within the library. Should the existing (deprecated) verification process be retained? At this small scale of the library's adoption I think perhaps not; better to shift to a more secure algorithm and encourage that while it's easy to make that kind of change.
The text was updated successfully, but these errors were encountered:
Per the Wise webhook events documentation, a
X-Signature-SHA256
HTTP header is available to verify the authenticity and integrity of webhook requests.It'd be useful to provide a way to verify this within the library. Should the existing (deprecated) verification process be retained? At this small scale of the library's adoption I think perhaps not; better to shift to a more secure algorithm and encourage that while it's easy to make that kind of change.
The text was updated successfully, but these errors were encountered: