We are trying to add an outgoing webhook to our projects/apps and our endpoint requires a signed request.
We noticed that the POST request has a header Bitrise-Hook-Signature using sha1 but we cannot find where to configure the secret key used to generate this signature.
In Github, we can set it easily as per screenshot:
Thanks for the quick response! It’s not badly illustrated.
We are indeed able to add the webhook itself but we are looking for where we can define the secret key to be used for generating the sha1 signature (the one we receive from header HTTP_BITRISE_HOOK_SIGNATURE).
The custom header in your 2nd screenshot is not what we need in this case as it’s not the one being used to generate HTTP_BITRISE_HOOK_SIGNATURE (we tried ).
Oh I see, thanks for explaining! In that case you’d have to register this webhook via the API. This is the endpoint I’m referencing: Bitrise Swagger UI
You’ll get this generated in a Bitrise-Hook-Signature header
Sorry for the delay in response.
That’s exactly what we needed and we have now implemented it. Thanks a lot!
And sorry we didn’t notice that before in the documentation. ^^;