Receive a hex-encoded HMAC-SHA256 and decode it

Hi, I have a third party vendor that wants to verify a webhook with a hex-encoded HMAC-SHA256 body towards us in a REST call. How do I decode that one? I see that community commons have a GenerateHMAC_SHA256, where is the reverse function? Have anyone else done something similar?   Kind regards Johan
1 answers

Hi Johan,

You can't decode it as it's a one way encryption. To validate you need to recreate the the HMAC_SHA256 on your side from the data that has been passed and a shared secret key. You then compare your calculated value to one provided and if they match you know the data hasn't been tampered with.

Hope this helps