@fingerprint/node-sdk
    Preparing search index...

    Function isValidWebhookSignature

    • Verifies the HMAC signature extracted from the "fpjs-event-signature" header of the incoming request. This is a part of the webhook signing process, which is available only for enterprise customers. If you wish to enable it, please contact our support: https://fingerprint.com/support

      Parameters

      • params: IsValidWebhookSignatureParams
        • data: Buffer

          The raw data of the incoming request

        • The value of the "fpjs-event-signature" header.

        • secret: string

          The secret key used to sign the request.

      Returns boolean

      true if the signature is valid, false otherwise.

      // Webhook endpoint handler
      export async function POST(request: Request) {
      try {
      const secret = process.env.WEBHOOK_SIGNATURE_SECRET;
      const header = request.headers.get("fpjs-event-signature");
      const data = Buffer.from(await request.arrayBuffer());

      if (!isValidWebhookSignature({ header, data, secret })) {
      return Response.json(
      { message: "Webhook signature is invalid." },
      { status: 403 },
      );
      }

      return Response.json({ message: "Webhook received." });
      } catch (error) {
      return Response.json({ error }, { status: 500 });
      }
      }