Focuses on API authentication, access scopes, and permission management.
When I updated the secret key, I can't validate it when receiving a webhook. Everything works fine with the old one.
This is a function with which we try to validate the callback:
I noticed that the new secret key has a different structure than the old one.
Also I tried to verify hmac parameter with shopify sdk https://packagist.org/packages/phpclassic/php-shopify - everything is the same, with a new key the validation does not pass.
Perhaps someone has faced such a problem and can share its solution