API Documentation | Piggyvest Business

Ctrl K

Signature Validation

Validate using x-pvb-signature header with HMAC SHA512 of the payload using your secret key.

1

Node.js Example:(JavaScript)
const crypto = require('crypto');
const secret = process.env.PVB_SECRET_KEY;
app.post('/webhook', (req, res) => {
  const hash = crypto.createHmac('sha512', secret)
    .update(JSON.stringify(req.body))
    .digest('hex');
  if (hash !== req.headers['x-pvb-signature']) {
    return res.sendStatus(200); // Invalid
  }
  // Process webhook
  res.sendStatus(200);
});

Always respond with 200 to acknowledge.

PreviousPayload Structure Next How To Use (SDK)