Validating the Signature

To validate the signature, you can use this sample Java code. Make sure to perform JSON escaping on the payload received at the target.

This code includes the payload, signature received, and secret key. You can have similar code in your respective programming language.

public static final String SIGNING_KEY_ALGO = "HMACSHA256";
public static boolean isSignatureValid(String payload, String receivedSignature, String signingKey) throws NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException {
     Mac mac = Mac.getInstance(SIGNING_KEY_ALGO);
     SecretKeySpec secretKeySpec =
             new SecretKeySpec(
                     signingKey.getBytes(StandardCharsets.UTF_8), SIGNING_KEY_ALGO);
     mac.init(secretKeySpec);

     String signature =
             org.apache.commons.codec.binary.Base64.encodeBase64String(mac.doFinal(payload.getBytes(StandardCharsets.UTF_8)));
     if(signature.equals(receivedSignature))
     {
         return true;
     }
     return false;
}
import hmac
import hashlib
import base64

def is_signature_valid(payload, received_signature, signing_key):
    mac = hmac.new(signing_key.encode('latin-1'), digestmod=hashlib.sha256)
    mac.update(payload.encode('latin-1'))
    signature = base64.b64encode(mac.digest()).decode('utf-8')

    return signature == received_signature

Clouds with binary code floating aboveCloud with binary code floating above

No Results

Search Tips:

  • Please consider misspellings
  • Try different search keywords
Data Cloud Reference Guide
Connect Data
Ingest Data
Model Data in Data Cloud
Query Data
Webhook Data Action Targets in Data Cloud
Generate a Secret Key for Signature Validation
Regenerate a Secret Key
Payload Signature
Validating the Signature