Hi,
We are trying to add an outgoing webhook to our projects/apps and our endpoint requires a signed request.
We noticed that the POST request has a header Bitrise-Hook-Signature using sha1 but we cannot find where to configure the secret key used to generate this signature.
In Github, we can set it easily as per screenshot:
In Bitrise, we read this multiple times, but couldn’t find it:
Any input is appreciated!
Thanks,
Jing
Hi @jing!
You should be able to adjust on the ‘Code’ tab of your app. If you scroll down you’ll see this:
Hope this helps! Let me know 
Hi Bitce,
Thanks for the quick response! It’s not badly illustrated.
We are indeed able to add the webhook itself but we are looking for where we can define the secret key to be used for generating the sha1 signature (the one we receive from header HTTP_BITRISE_HOOK_SIGNATURE).
The custom header in your 2nd screenshot is not what we need in this case as it’s not the one being used to generate HTTP_BITRISE_HOOK_SIGNATURE (we tried 
).
-Jing
Hi @jing,
Oh I see, thanks for explaining! In that case you’d have to register this webhook via the API. This is the endpoint I’m referencing: Bitrise Swagger UI
You’ll get this generated in a Bitrise-Hook-Signature header
Thanks, Bitce!
Sorry for the delay in response.
That’s exactly what we needed and we have now implemented it. Thanks a lot!
And sorry we didn’t notice that before in the documentation. ^^;
Regards,
Jing
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
