Example Signed Request
POST https://example.org/hooks
User-Agent: intercom-parrot-service-client/1.0
X-Hub-Signature: sha1=21ff2e149e0fdcac6f947740f6177f6434bda921
Accept: application/json
Content-Type: application/json
{
"type" : "notification_event",
"id" : "notif_78c122d0-23ba-11e4-9464-79b01267cc2e",
"topic" : "user.created",
"app_id" : "a86dr8yl",
"data" : {
"type" : "notification_event_data",
"item" : {
"type" : "user",
"id" : "530370b477ad7120001d",
"user_id" : "25",
"name" : "Hoban Washburne",
"unsubscribed_from_emails" : false,
"custom_attributes" : {}
}
}
}
You can request notifications from Intercom are signed by adding a hub_secret field to the subscription. The value of the hub_secret is used as the key to create a hash signature of the JSON notification The digest is then sent using an X-Hub-Signature header in the request and can be verified by the receiving webhook.
The signature is the hexadecimal (40-byte) representation of a SHA-1 signature computed using the HMAC algorithm as defined in RFC2104.
The X-Hub-Signature header value starts with the string sha1= followed by the signature - for example, X-Hub-Signature: sha1=21ff2e149e0fdcac6f947740f6177f6434bda921.