validateWebhookSignature()
Available from v3.2.30
Validates that the signature that was received by a webhook endpoint is authentic. If the validation fails, an error is thrown.
API
The function accepts an object with three key-value pairs:
secret
The same webhook secret that was passed to renderMediaOnLambda()
's webhook options.
body
The body that was received by the endpoint - takes a parsed JSON object, not a string
.
signatureHeader
The X-Remotion-Signature
header from the request that was received by the endpoint.
Example
In the following Next.JS webhook endpoint, an error gets thrown if the signature does not match the one expected one or is missing..
pages/api/webhook.tstsx
import {validateWebhookSignature ,WebhookPayload ,} from "@remotion/lambda/client";export default async functionhandler (req :NextApiRequest ,res :NextApiResponse ) {validateWebhookSignature ({secret :process .env .WEBHOOK_SECRET as string,body :req .body ,signatureHeader :req .headers ["x-remotion-signature"] as string,});// If code reaches this path, the webhook is authentic.constpayload =req .body asWebhookPayload ;if (payload .type === "success") {// ...} else if (payload .type === "timeout") {// ...}res .status (200).json ({success : true,});}
pages/api/webhook.tstsx
import {validateWebhookSignature ,WebhookPayload ,} from "@remotion/lambda/client";export default async functionhandler (req :NextApiRequest ,res :NextApiResponse ) {validateWebhookSignature ({secret :process .env .WEBHOOK_SECRET as string,body :req .body ,signatureHeader :req .headers ["x-remotion-signature"] as string,});// If code reaches this path, the webhook is authentic.constpayload =req .body asWebhookPayload ;if (payload .type === "success") {// ...} else if (payload .type === "timeout") {// ...}res .status (200).json ({success : true,});}
See Webhooks for an Express example.