Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Shouln't the webhook endpoint also retrieve the secret value? #298

Open
rafa-acioly opened this issue Apr 8, 2021 · 1 comment
Open

Shouln't the webhook endpoint also retrieve the secret value? #298

rafa-acioly opened this issue Apr 8, 2021 · 1 comment

Comments

@rafa-acioly
Copy link

I'm building a new platform that will be integrated with woocommerce and inside of my platform I have a job that creates webhooks on client's shop (product and order update), I've managed to create the webhooks successfully but I cannot receive any "secure" notifications because I didn't receive the secret created for this webhooks.

Looking at the documentation I cannot pass a secret value to create a webhook

https://woocommerce.github.io/woocommerce-rest-api-docs/#create-a-webhook

And even if i GET a webhook it will not show the secret

https://woocommerce.github.io/woocommerce-rest-api-docs/#retrieve-a-webhook

What may be the solutions?

  1. Ask the users to go through the configuration and get the secrets for me. (not cool because this will need human interaction)
  2. Retrieve the secret on the rest API requests
  3. Have a convention to generate secrets, this way I can predict what the secret will be.
@balusreekanth
Copy link

Consumer secret is the web-hook secret by default

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@balusreekanth @rafa-acioly