I’m using a webhook of different shopify brand store. So is it necessary to verify the webhook using HMAC-SHA256? Because different shopify account must have their different webhook secret key.
Hi! @mashiyat123
This is PageFly - Free Landing Page Builder. I would love to provide my recommendations for your store based on 6 years of providing solutions for about 100.000 active Shopify merchants.
The webhooks created through the API will not display in the admin, that is intended behavior. Webhooks created through the API by a Shopify App are verified by calculating a digital signature. Each webhook request includes a base64-encoded X-Shopify-Hmac-SHA256 header, which is generated using the app’s shared secret along with the data sent in the request.
You can read more on this here:
https://help.shopify.com/en/api/getting-started/webhooks#configuring-webhooks
https://help.shopify.com/en/api/getting-started/webhooks#verifying-webhooks
If you feel my answer is helpful, like it or mark it as a solution. Let me know if you have any questions.
Best regards,
PageFly