How do I use Signing Secret for API initialization?

Question

Where can I find the signing secret needed for setting up the api. Also help me setup the signing secret please.

Elliott · Accepted Answer

Hey, To use signing secrets for webhook verification: 1. First find your webhook secret on [Dashboard > Connections > Webhook](https://dashboard.tryterra.co/dashboard/connections) and copy the signing secret 2. In your webhook endpoint, verify the signature we send in the payload header like so: ```py SECRET = " ".encode("utf-8") @app.route("/consumeTerraWebhook", methods=["POST"]) def webhook(): body = request.get_data().decode('utf-8') signature_header = request.headers["terra-signature"] t, signature = (pair.split("=")[-1] for pair in signature_header.split(",")) computed_signature = hmac.new( SECRET, msg=f"{t}.{body}".encode("utf-8"), digestmod=hashlib.sha256 ).hexdigest() if signature != computed_signature: return flask.Response(status=401) return flask.Response(status=200) ``` Ensure that you use the raw body provided to the request payload