silly-garage-55753
03/21/2024, 11:38 AMSettings > Webhooks
to SDK Connections > SDK Webhooks
?fancy-addition-87107
03/26/2024, 2:31 PMfancy-addition-87107
03/26/2024, 2:42 PMenough-camera-24490
03/26/2024, 4:14 PMbetter-dress-85975
03/27/2024, 10:22 AMboundless-waiter-96587
03/28/2024, 5:51 AMbetter-dress-85975
03/28/2024, 1:34 PMenough-camera-24490
03/28/2024, 2:11 PMbetter-dress-85975
03/28/2024, 2:34 PMboundless-waiter-96587
04/01/2024, 8:07 AMenough-camera-24490
04/01/2024, 3:37 PMhappy-autumn-40938
04/02/2024, 2:07 AMfeature.*
events?
Depending on your use case, you may find the SDK Webhook to be more useful. Typically you'd use that for things like seeding or flushing cache for your application or CDN. Event webhooks, on the other hand, would be more for internal tooling, alerts, etc.enough-camera-24490
04/02/2024, 3:40 AMX-GrowthBook-Signature
that appears in the other two webhooks, doesn't appear to be showing up for these?happy-autumn-40938
04/02/2024, 4:21 AMwebhook-secret
.
I do not see any docs for the SDK Webhooks... this appears to be an oversight. Until we can add them, here's what they send:
method: settable in the UI. Supports
GET, POST, PUT, DELETE, PURGE
headers (pass in custom headers in the UI):
headers: {
"Content-Type": "application/json",
"webhook-id": webhookID,
"webhook-timestamp": date.getTime(),
"webhook-secret": secret,
"webhook-sdk-key": key,
...customHeaders,
},
body (optional): Settable in the UI. Not available for GET
. If set, will send over the SDK Payload in this envelope format:
{
type: "payload.changed",
timestamp: date.toISOString(),
data: {
payload: sdkPayload
}
}
happy-autumn-40938
04/02/2024, 5:37 AMfeature.updated
event. I've pushed out a fix.enough-camera-24490
04/02/2024, 5:46 PMwebhook-secret
value? It does not appear to be in the same format as the Signature header being passed in the other webhooks?happy-autumn-40938
04/02/2024, 6:02 PMconst computed = crypto
.createHmac("sha256", signingKey || "")
.update(res.locals.rawBody || new Buffer(""))
.digest("hex");
const received = req.get("webhook-secret");
const sig = received?.split("whsec_")?.[1] || "";
if (!crypto.timingSafeEqual(Buffer.from(computed), Buffer.from(sig))) {
throw new Error("mismatch signatures");
}
enough-camera-24490
04/02/2024, 9:21 PMwhsec_
from the secret passed. I will keep playing around with it. Thanks for the response!brash-kite-51410
04/02/2024, 10:05 PMenough-camera-24490
04/02/2024, 10:07 PMwk_<16chars>
one given when I created the SDK webhook.brash-kite-51410
04/02/2024, 10:28 PMpayload
object not the full bodyenough-camera-24490
04/02/2024, 10:35 PM{"type":"payload.changed","timestamp":"2024-04-02T22:32:44.872Z","data":{}}
Is that the empty data object?brash-kite-51410
04/02/2024, 10:36 PMenough-camera-24490
04/02/2024, 10:37 PMbrash-kite-51410
04/02/2024, 10:37 PMenough-camera-24490
04/02/2024, 10:40 PM$secret = 'wk_123457';
$hashedContent = hash_hmac('sha256', "", $secret);
return hash_equals($hashedContent, $signature);
enough-camera-24490
04/02/2024, 10:41 PMbrash-kite-51410
04/02/2024, 10:41 PMenough-camera-24490
04/02/2024, 10:42 PMbrash-kite-51410
04/02/2024, 10:42 PMenough-camera-24490
04/02/2024, 10:44 PMbrash-kite-51410
04/02/2024, 10:46 PMbrash-kite-51410
04/02/2024, 11:34 PMenough-camera-24490
04/02/2024, 11:39 PM