Changelog
➦ Back to Tazapay
These docs are for v1. Click to read the latest docs for v3.
Back to All
added

Webhook Authentication

about 1 month ago by Muskan Chugh

To ensure that webhooks sent from Tazapay are authentic and have not been compromised, we have introduced a new security feature: Webhook Signature Verification. This mechanism allows you to verify that the webhook request received on your server was sent by Tazapay, ensuring the integrity and authenticity of the data.

Each webhook request header now includes a signature generated using the event ID, payload, and timestamp. By verifying this signature, you can confirm that incoming webhooks originate from Tazapay and have not been compromised in transit. The timestamp in the signature will also help avoid any replay attacks.

Check Webhook Authentication section in our API docs for more details - https://docs.tazapay.com/docs/webhook-authentication