Verify Payload Signing Example (Node.js)

Below is an example of verifying the signature written in TypeScript using Node.js and native Crypto library.

import * as Crypto from 'crypto';

export const verifySignature = (payload: string, signature: string, publicKey: string): boolean => {
  // instanciate Crypto Verify
  const verifier = Crypto.createVerify('RSA-SHA512');

  // transform required data into buffers
  const publicKeyBuffer = Buffer.from(publicKey, 'utf-8');
  const signatureBuffer = Buffer.from(signature, 'base64');

  // set payload to verify
  verifier.update(payload, 'utf8');

  // verify the signature 
  return verifier.verify(publicKeyBuffer, signatureBuffer);
};

where:

payload is the raw payload, which the system sent to the endpoint.
signature is the X-Payload-Signature header value (an encoded bas64 string)
publicKey is the public RSA Key generated for a WebHook, available from the organization panel (coming soon).

We strongly recommend storing the generated public key on the server-side (eg. in the environment variables).

Verify Payload Signing (Node.js)

Verify Payload Signing Example (Node.js)

results matching ""

No results matching ""