Verifying Webhook HMAC?

ChrisBradley · June 15, 2025, 1:16am

Hey,

Wondering if anyone has any guidance on how to use the webhook signature?

I have looked over the previous questions, but i think they are related to app based webhooks and not the admin webhook?

I tried verifying x-shopify-hmac-sha256 against this value, which is a false.

KyleG-Shopify · June 18, 2025, 9:36pm

For admin subscribed webhooks, the validation should work the same. The difference is using the provided signature in place of the app secret.

Let me know if that works for you.

Topic		Replies	Views
Implement an HMAC signature to verify webhooks Authentication & Access oauth	3	382	February 13, 2025
Issue Verifying Webhook HMAC from Shopify Webhooks and Events troubleshooting	5	34	June 10, 2025
Shopify Webhook HMAC Validation Failing – 401 Unauthorized Webhooks and Events troubleshooting	4	114	March 5, 2025
Fail to verify HMAC x-shopify-hmac-sha256 header in NESTJS Webhooks and Events troubleshooting	3	128	December 31, 2024
Does Shopify send regular mandatory webhooks requests? Webhooks and Events troubleshooting	4	30	June 10, 2025