You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In order to secure endpoints to be called from untrusted sources, we should implement a signing mechanism similar to the one Stripe is using: https://docs.stripe.com/webhooks
Basically, a timestamp+signature is provided, the endpoint should compute a signature using an endpoint secret and calculating an HMAC with the timestamp + request body.
The text was updated successfully, but these errors were encountered:
In order to secure endpoints to be called from untrusted sources, we should implement a signing mechanism similar to the one Stripe is using:
https://docs.stripe.com/webhooks
Basically, a timestamp+signature is provided, the endpoint should compute a signature using an endpoint secret and calculating an HMAC with the timestamp + request body.
The text was updated successfully, but these errors were encountered: