Webhooks and Events

Hi Paco,

It is the POST request made from Shopify to my app for any of the mandatory webhooks. I just (6th Sept 13:08 UTC) logged into my test store (https://linkituk.myshopify.com/) and submitted a customer data request. This failed as the request made from Shopify did not have the HTTP header X-Shopify-Hmac-SHA25 so I wasn’t able to validate the request.

All the best,
Jacqui

Hello again and thanks for your patience, 

 

I've been trying to reproduce your issue.

The HMAC header leaves our servers in my tests, but I've observed that our software does some transformation to these that might be not reverted on your side.

(Due to the special nature of mandatory webhooks, they use a different path and this only applies to them)

 

If X-Shopify-Hmac-SHA256 is not present, would you mind trying if you receive HTTP_X_SHOPIFY_HMAC_SHA256 (all capitals and underscored) ? 

 

Thanks!

Hi,

I can’t explain it but It looks like the X-Shopify-Hmac-SHA256 header is now there. Maybe in trying the other name and then putting back the original I corrected a typo but I did check the name repeatedly.

Anyway, thanks for you help.

Hello ,

 

I am getting `X-Shopify-Hmac-SHA256` header blank before creating charge after auth/callback.  I am using node js

 

Can you please share the proper sample code or Any link?  

 

I am stuck on this since hours 🙂

 

Thanks 

Hi,

 

I'm sorry but I really have no idea why it suddenly started working.  All I would say is to just double check that you've typed the header name correctly.  The line in my C# code which gets the header is:

 

var headerValues = Request.Headers.GetValues("X-Shopify-Hmac-Sha256");

 

Jacqui