Try to implement the GDPR webhook. Have a few questions about how the HMAC is generated etc.
Is the hmac generated from the whole response json? or the headers?
Assuming it is the JSON, is white space been sanitized, \r\n and trailing white space?
If I think of any thing else I will update more, thanks in advanced!
The HMAC is generated based on the body of the webhook. You can refer to these docs for examples of how to verify.
mikedasilva | Developer @ Shopify - Was my reply helpful? Click Like to let me know! - Was your question answered? Mark it as an Accepted Solution - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog