Webhook events provide real-time notifications whenever there is a status update in your application. These events are sent as JSON payloads to your registered callback URL, allowing your system to take appropriate actions automatically.
The secure signature with the HMAC-SHA256 hashing algorithm is sent as the Signature header of the event. Recipients can verify the authenticity and integrity of the webhook event, ensuring that the event originates from a trusted source and has not been altered in transit.
This how the event signature is generated:
hash_hmac('sha256', [EVENT JSON], [SUBSCRIPTION SECRET])