On repo push event, I'm generating the SHA256 value and comparing it with the request header but the keys do not match.
Hello @Manoj Khiyani and welcome to the Community,
When enabling the webhook security feature, Bitbucket Cloud will generate an HMAC signature and provide it in the request header named X-Hub-Signature. This signature is generated. The signature is calculated based on the payload contents, your secret token, and a hashing algorithm (sha256).
It might be the case that your implementation of the validation is not hashing the exact same content as Bitbucket Cloud, thus representing a mismatch.
I would suggest following the instructions of the following article to understand the exact content that is hashed, and also some example code snipper (Java and Python) on how the validation can be done :
Hope that helps! If you have any questions, feel free to ask.
Thank you, @Manoj Khiyani !
Patrik S
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.