Adobe Target

Take 10 minutes to complete an Adobe Target review on Gartner Peer Insights, and as a thank you for your time, you’ll have the option to receive a $25 gift card!

Learn more

Authenticating an event webhook from the hash of the body

https://www.adobe.io/apis/experienceplatform/events/docs.html#!adobedocs/adobeio-events/master/intro...

At the bottom of this page there is a small example of "Javascrip(pseudo-code)" which is entirely unhelpful as it fails to explain the only part of the code that is important to know. Where/how do you get `raw-request-body` from?
At the moment my code looks like...

const validateClientSecret = (req: any) => {
  const secret = secretKey();

  const hmac = crypto.createHmac('sha256', secret);
 
  hmac.update(req.body.toString());

  const hash = hmac.digest('base64');

  if (req.header('x-adobe-signature') !== hash) {
    // other stuff here...
    return false;
  }

  return true;
};

If I pass in just `req.body` it throws an exception as `body` is the wrong type. If I use `req.body.toString()` it creates a has but not one matching the header value.

Can someone help me as I'm now not sure if I'm using the right value and checking against the wrong header? Or using the wrong value? Etc...
What I need is to be able to complete the line...

const raw_request_body = ?!?!?!?

If anyone knows how I can do that please could you let me know. Thanks

889

0 Replies

Related Conversations

SPA: "Current View" not displayed in VEC most of the time Solved

Attempting to alter the text of a class of buttons. Styling changes work in browser dev tools, but not in Adobe Target

Combining audiences in Target, an inclusion and an exclusion

How to change A/B test from one workspace to another

AEM Assets as source of content for Target

122

Adobe Target

Authenticating an event webhook from the hash of the body

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe