X-square-signature or x-square-hmacsha256-signature for Webhook signature

paul-PM · August 9, 2022, 4:02pm

Does anybody know what is the correct header name?

The docs say x-square-hmacsha256-signature but the Sandbox log shows x-square-signature?

Thanks,
Paul

josh-square · August 9, 2022, 6:09pm

Hey there! Either of those headers should work, although we recommend using the hmacsha256 one since it’s more secure. We’re currently doing some work to have both headers show in the logs — sorry for the confusion!

josh-square · August 12, 2022, 5:22pm

Small update here: API Logs should now show both headers!

Topic		Replies	Views
Webhook after subscription - error and no key "X-Square-HmacSha256-Signature" Questions payments-api , webhooks-api , web-payments-sdk	6	27	October 28, 2024
Can't get my WebHook V2 HMAC hash to match the one sent from Square Questions webhooks-api	4	2143	August 28, 2021
Undefined array key "X-Square-HmacSha256-Signature Questions webhooks-api	8	1092	August 25, 2023
503 Error When Testing With Webhooks Questions customers-api , sandbox	6	1538	December 30, 2022
Why is the signature not computing correctly? Questions webhooks-api	4	15	December 26, 2024

X-square-signature or x-square-hmacsha256-signature for Webhook signature

Related topics