Assistance Needed for X-Hub-Signature Generation for Alert Webhook
We're currently working on authenticating Domo alert webhooks to trigger a pipeline in a third ETL tool and are having trouble matching the X-Hub-Signature from Domo with our computed signature. Specifically, we're unsure if we are implementing the correct algorithm for generating the signature.
Does anyone have a good idea about the exact algorithm Domo used to generate the X-Hub-Signature for the alert webhook? We want to ensure that our implementation fully aligns with the Domo webhook process for debugging.
For reference, here is the Python script we tried to compute the signature but output a different signature key than one Domo passing and thank you all in advance for your input:
import hmac
import hashlib
# Shared secret key
shared_secret = "the-shared-secret-key"
# Payload data (body of the request)
payload = b'{"name":"dag","id":"47365970","alertId":"4011","message":"","timestamp":"1728455774"}'
signature = 'sha512=' + hmac.new(shared_secret.encode(), payload, hashlib.sha512).hexdigest()
print(signature)
Answers
-
It appears you are using the wrong hashing algorithm (SHA-512), I believe Domo's webhook uses SHA-1. Try this:
import hmac
import hashlib
# Shared secret key
shared_secret = "the-shared-secret-key"
# Payload data (body of the request)
payload = b'{"name":"dag","id":"47365970","alertId":"4011","message":"","timestamp":"1728455774"}'
# Generate HMAC-SHA1 signature
signature = 'sha1=' + hmac.new(shared_secret.encode(), payload, hashlib.sha1).hexdigest()
print(signature)** Was this post helpful? Click Agree or Like below. **
** Did this solve your problem? Accept it as a solution! **0 -
When comparing the signature from the X-Hub-Signature header with the computed signature, make sure you're using a secure string comparison function to prevent timing attacks.
# Example comparison
received_signature = 'sha1=received-signature-from-domo'
is_valid = hmac.compare_digest(signature, received_signature)
print(is_valid) # True if signatures match, False otherwise** Was this post helpful? Click Agree or Like below. **
** Did this solve your problem? Accept it as a solution! **0
Categories
- All Categories
- 1.7K Product Ideas
- 1.7K Ideas Exchange
- 1.5K Connect
- 1.2K Connectors
- 296 Workbench
- 6 Cloud Amplifier
- 8 Federated
- 2.9K Transform
- 98 SQL DataFlows
- 611 Datasets
- 2.1K Magic ETL
- 3.8K Visualize
- 2.5K Charting
- 717 Beast Mode
- 52 App Studio
- 40 Variables
- 671 Automate
- 171 Apps
- 448 APIs & Domo Developer
- 45 Workflows
- 7 DomoAI
- 34 Predict
- 14 Jupyter Workspaces
- 20 R & Python Tiles
- 391 Distribute
- 111 Domo Everywhere
- 274 Scheduled Reports
- 6 Software Integrations
- 118 Manage
- 115 Governance & Security
- Domo Community Gallery
- 32 Product Releases
- 9 Domo University
- 5.3K Community Forums
- 40 Getting Started
- 30 Community Member Introductions
- 104 Community Announcements
- 4.8K Archive