Authenticate Service Hooks Requests


Hi All,

I configured a Service Hook through the API as documented here:

When I send an exception to Sentry I see it forwarded to my service hook as expected. So far great, but I don’t know how to authenticate the POST request sent to my service hook. Is there any documentation I could read about it?

I see the POST request sent to my service hook has two headers:

According to the service hook signature implementation here:
It looks like the signature is build in a standard way with the secret and the body of the request.

So I tried to use authenticate using the following mechanism:

String signature = HmacUtils.hmacSha256Hex(URLEncoder.encode(secretKey, "UTF-8"), URLEncoder.encode(jsonBody, "UTF-8"));

but the String signature I obtain doesn’t match the header X-ServiceHook-Signature. Anybody knows what I could be doing wrong?

Thanks in advance.



I figured this out, the approach mentioned above is correct. In my case it was failing because the jsonBody I was working with was escaped by the Restful web services framework I was using. Once I got the correct jsonBody (a non-escaped version) I was able to match the signatures.

Leaving this out here for future reference