Webhook signature for security?

Is there any chance that you can add a signature of the webhook body to include with the webhook payload? This would be based on an HMAC signature based on secret key in our account, perhaps in the webhook integration settings.

This way we can validate integrity and security of the payload.


Similar to this, I would rather have a custom API were I could put secrets in the header and the body. If it is to be a webhook, then we would need the webhook to occur on the form load.

Another option would be a section to store global variables for all forms to access. These could be stored as secrets so other users would not be able to view them.

@dmuczynski I’m not entirely sure what you’re asking for that’s different from our existing API connector feature, which already allows you to put secrets securely in the header that your users can’t access. It can also be run on form load.

our secret is in the body. suggestions on how to leverage what you have to make that work?

We’re actually launching more robust + no-code api connectors in a day, and you’ll be able to store secrets securely in the body of the connector as well!

Exactly what I need. Please ping me when live!!!

no-code api connectors are now live!

Excellent!! looks great!