Terra
Integrations
Research

Integration

API
Unified API
SDK
SDK
Authentication
Authentication
Streaming
Streaming
Blood
Blood Report API
Planned Workouts
Planned Workouts
AI Interface
AI Interface

User engagement

Graph API
Graph API
Scores
Health Scores
Rewards
Health Rewards

Use cases

Enterprise
Enterprise
Insurance
Insurance

Developers

Wearable Data
Wearable Data
Community
Community
Documentation
Documentation

Learn

Blog
Blog
Podcast
Podcast
Events
Events
Reports
Reports

Company

Customers
Customers
Careers
Careers
Partners
Partners
Support
Support
Pricing
Become an integrationGet started
IntegrationsResearch
Unified APIUnified APISDKSDKAuthenticationAuthenticationStreamingStreamingGraph APIGraph APIScoresScoresRewardsRewardsBlood Report APIBloodAI InterfaceAI Interface
EnterpriseEnterpriseInsuranceInsuranceWearable DataWearable DataCommunityCommunityDocumentationDocumentationBlogBlogPodcastPodcastEventsEventsReportsReportsCustomersCustomersCareersCareersPartnersPartnersSupportSupport
Pricing
Get startedBecome an integration

Cookie Preferences

Essential CookiesAlways On
Advertisement Cookies
Analytics Cookies

Crunch Time: Embrace the Cookie Monster Within!

We use cookies to enhance your browsing experience and analyse our traffic. By clicking “Accept All”, you consent to our use of cookies according to our Cookie Policy. You can change your mind any time by visiting out cookie policy.

Cookies Policy
zap

Latest

zap

Popular

API

Unified API

SDK

Phone SDK

Authentication

Widget

Streaming

Streaming

Graph API

Graph API

How do I use Signing Secret for API initialization?

All

ResonantJunglefowl26 months ago

Where can I find the signing secret needed for setting up the api. Also help me setup the signing secret please.

terra

Elliottadmin26 months ago

Hey,

To use signing secrets for webhook verification:

  1. First find your webhook secret on Dashboard > Connections > Webhook and copy the signing secret
  2. In your webhook endpoint, verify the signature we send in the payload header like so:

Ensure that you use the raw body provided to the request payload