Validation of the header signature with n8n

Table of Contents

To verify the authenticity of incoming webhooks from SeaTable in n8n, each request is sent with a digital signature in the header x-seatable-signature. This signature is based on the shared secret (Webhook Secret) and the request body.

In n8n you can implement the validation as follows:

Set up a Webhook Trigger in your workflow. Make sure to enable the Raw Body option.
Add a Crypto Node, where you hash the request body along with the secret using the HMAC-SHA256 algorithm to calculate the signature.
Now compare the signature calculated by the Crypto Node with the value from x-seatable-signature. Note that you must prepend sha256= to the calculated hash.

Only if both values match, the request is considered authentic.

This ensures that your n8n workflows only accept webhooks triggered by SeaTable and remain unaltered.

Webhook for several simultaneous changes

Validation of the header signature with n8n

TABLE OF CONTENTS

MORE ARTICLES IN THIS CATEGORY