Not able to match x-airtable-content-mac header from webhook request

Hi,

I am having an issue to match the airtable-content-mac from the header with the one I computed following the instructions from the documentation .

So we tried the following:

const decodedMacSecret = atob('macSecretBase64'); //macSecretBase64 from create webhook

const body = `{

  "base": {

    "id": "appjRdIX59U4YEy4l"

  },

  "webhook": {

    "id": "achXH94CxHYGdUcje"

  },

  "timestamp": "2024-03-06T00:32:58.992Z"

}`



const hmac = createHmac('sha256', decodedMacSecret);

console.log(body)

hmac.update(body.toString(), 'ascii'); // I also tried JSON.stringify(body); 

console.log('received header: hmac-sha256=0fb79298bc57a45a34ca1d04f5237fd4a9a9223fd5c90cc04f35d3c3890180cc');

console.log('computed:        hmac-sha256=' + hmac.digest('hex'));

Thanks

Page 1 / 1

I was using atob to decode the mac secret that is why it was not working.

This piece of code worked !

const macSecretFromCreate = "<mac_secret_string_from_create_endpoint>";

const macSecretDecoded = new Buffer(macSecretFromCreate, 'base64');



// example request body

const requestBody = '{"base":{"id":"<the app id>"},"webhook":

{"id":"<the webhook id>"},"timestamp":"<timestamp value"}'



const hmac = require('crypto').createHmac('sha256', macSecretDecoded);

hmac.update(requestBody.toString(), 'ascii');

const expectedContentHmac = 'hmac-sha256=' + hmac.digest('hex');

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded