You can authenticate your webhooks using the following methods:

​

HMAC (Default)

HMAC is the default authentication method for vartiq webhooks. If you don’t provide any authentication method, it will be used by default. The signature is generated using the HMAC SHA-256 algorithm. You can get the signature from the X-Vartiq-Signature header.

If you like to chnage the header name and provide your own secret, you can do so while creating the webhook.

const webhook = await vartiq.webhook.create({
  name: "Webhook name",
  url: "https://example.com",
  authMethod: "hmac",
  hmacHeader: "X-Your-Signature",
  hmacSecret: "your-secret",
});

​

Basic Auth

Basic Auth is a simple authentication method that uses a username and password to authenticate the webhook. You can get the value from Authorization header. It is a base64 encoded string.

const webhook = await vartiq.webhook.create({
  name: "Webhook name",
  url: "https://example.com",
  authMethod: "basic",
  basicAuthUsername: "username",
  basicAuthPassword: "password",
});

​

API Key

You can use your own API key to authenticate the webhook.

const webhook = await vartiq.webhook.create({
  name: "Webhook name",
  url: "https://example.com",
  authMethod: "apiKey",
  apiKey: "your-api-key",
  apiKeyHeader: "X-Your-API-Key",
});