Discussions

Ask a Question
Back to All

What is the 'payload' when verifying webhook signature?

I'm looking at the documentation on how to verify the signature of a webhook, but I don't understand what the 'payload' should be in the example code:

function verifyWebhookSignature(signature, url, payload, secret) {
return signature == crypto.createHmac('sha256', secret).update(Buffer.from(url + payload, 'utf-8')).digest('base64');
}

Any help would be much appreciated!