I'm trying to implement the HMAC validation for calls to my mandatory webhooks. However I'm finding that I'm just not getting the HMAC header in the request. Has anyone else had this problem?
do you mean that you cannot find X-Shopify-Hmac-SHA256 in the response (not the request) headers?
If that's the case, I could investigate your case further. Could you please DM the date of your test, the topic, and store involved?
Hello again and thanks for your patience,
I've been trying to reproduce your issue.
The HMAC header leaves our servers in my tests, but I've observed that our software does some transformation to these that might be not reverted on your side.
(Due to the special nature of mandatory webhooks, they use a different path and this only applies to them)
If X-Shopify-Hmac-SHA256 is not present, would you mind trying if you receive HTTP_X_SHOPIFY_HMAC_SHA256 (all capitals and underscored) ?
I am getting `X-Shopify-Hmac-SHA256` header blank before creating charge after auth/callback. I am using node js
Can you please share the proper sample code or Any link?
I am stuck on this since hours 🙂
I'm sorry but I really have no idea why it suddenly started working. All I would say is to just double check that you've typed the header name correctly. The line in my C# code which gets the header is:
var headerValues = Request.Headers.GetValues("X-Shopify-Hmac-Sha256");