Welcome to Portal

?Unknown\pull-down

Welcome to Zoho Cares

Bienvenido a Soporte de Zoho

Search our knowledge base, ask the community or submit a request.

We’re currently working on an integration that utilizes Channel Pull & Push functionality. As part of this, we need to validate incoming requests, but we’re facing some challenges in getting the validation steps to work correctly.

Here’s a simplified snippet of our current implementation:

const secretKey = process.env.SECRET_KEY;

const requestType = 'POST';
const queryParams = JSON.stringify(req.query);
const postBody = JSON.stringify(req.body);
const headers = JSON.stringify(req.headers);

// Generate stringToHash with headers
const stringToHash = `requestURL=${requestURL}&requestType=${requestType}&queryParams=${queryParams}&postBody=${postBody}&headers=${headers}`;
const computedHash = crypto.createHmac('sha256', secretKey).update(stringToHash).digest('hex');

// Generate stringToHash without headers
const stringToHashWithoutHeaders = `requestURL=${requestURL}&requestType=${requestType}&queryParams=${queryParams}&postBody=${postBody}`;
const computedHashWithoutHeaders = crypto.createHmac('sha256', secretKey).update(stringToHashWithoutHeaders).digest('hex');

In both cases, the computed hash doesn’t match the received hash.

Has anyone encountered a similar issue or can provide guidance on how to properly validate requests in this scenario? Any help or suggestions would be greatly appreciated!

2 users have this question.
1 Reply
Reply

Hi

,

Could you double-check your payload for any unintended changes, like extra spaces or formatting tweaks? These can cause hash mismatches. If everything seems clear, take a look at the URL response codes to see if any errors are being returned. If so, feel free to share the error details with us at support@zohodesk.com—we’ll take a closer look!

Regards,
Shivani | Zoho Desk

Reply to hsA
/* */
  • 12
  • Insert
  • Plain text
Add Comment
(Up to 20 MB )