01-18-2022 06:20
01-18-2022 06:20
Hello!
I am having problems to figure out what I am missing for the verification of the signature in the webhooks.
I am getting the X-Fitbit-Signature header and matching it to the body of the request encrypted with SHA1 with the client-secret+'&' as key and then encoding it in Base64.
I have understood that, but it doesn't even match with the test from https://dev.fitbit.com/build/reference/web-api/developer-guide/best-practices/#Subscriber-Security.
I would appreciate if someone could give me a hand.
Thanks in advance!
Answered! Go to the Best Answer.
01-19-2022 04:18
01-19-2022 04:18
The problem I was having is with the JSON body, I didn't remove the spaces and new lines, now it works!
01-19-2022 04:18
01-19-2022 04:18
The problem I was having is with the JSON body, I didn't remove the spaces and new lines, now it works!