Webhook Signature Validator
Pricing
from $4.90 / 1,000 request or schema checkeds
Webhook Signature Validator
Validate webhook payload signatures against HMAC-style schemes and return pass/fail details.
Pricing
from $4.90 / 1,000 request or schema checkeds
Rating
0.0
(0)
Developer
junipr
Maintained by CommunityActor stats
0
Bookmarked
2
Total users
1
Monthly active users
8 hours ago
Last modified
Categories
Share
Store Positioning
Store title: Webhook Signature Validator
Short description: Validate webhook payload signatures against HMAC-style schemes and return pass/fail details.
SEO title: Webhook Signature Validator — API, schema, and developer QA
SEO description: Validate webhook payload signatures against HMAC-style schemes and return pass/fail details. Use it to catch contract drift, schema mistakes, unsafe endpoint assumptions, and developer-tool quality issues before release.
Categories: DEVELOPER_TOOLS, ECOMMERCE
Keywords: webhook, signature, validator, web audit, api/developer qa
Fixed-Inclusive PPE Pricing
This actor uses pay-per-event pricing. Event prices include Apify platform usage; users are not expected to pay a separate platform-usage pass-through charge for the configured pricing model.
- Tier: A1 — API/developer QA
- Primary event:
signature-validatedat $0.00650 base - Default max charge: $10.00
- Store discounts: FREE/BRONZE base, SILVER discounted, GOLD deepest approved discount
Event set:
actor-start: base $0.00500, GOLD $0.00400. Webhook Signature Validator: charged when actor start is completed. The price includes Apify platform usage; no separate usage pass-through is intended.signature-validated: base $0.00650, GOLD $0.00520. Webhook Signature Validator: charged when signature validated is completed. The price includes Apify platform usage; no separate usage pass-through is intended.contract-rule-checked: base $0.00390, GOLD $0.00312. Webhook Signature Validator: charged when contract rule checked is completed. The price includes Apify platform usage; no separate usage pass-through is intended.report-generated: base $0.05000, GOLD $0.04000. Webhook Signature Validator: charged when report generated is completed. The price includes Apify platform usage; no separate usage pass-through is intended.
Public Task Concepts
- Validate Webhook Signature records from a capped sample
- Find invalid Webhook Signature values before delivery
- Check Webhook Signature coverage against expected rules
- Prioritize Webhook Signature validation failures by severity
- Export Webhook Signature pass-fail rows with evidence
What It Does
Validate webhook payload signatures against HMAC-style schemes and return pass/fail details.
This local package is part of the Junipr Apify actors 171-200 premium build for ChatGPT review.
What It Does Not Do
- It does not call live Apify APIs.
- It does not publish, upload Store assets, create public tasks, or configure live PPE.
- It does not claim publish readiness.
- It does not make unbounded network calls in the supplied examples path.
Input Fields
Seed shape: inputItems, maxItems, includeReport
The tiny fixture is available at examples/input.tiny.json and mirrored at fixtures/input.tiny.json for the local runner.
Output Fields
validationIdalgorithmsignatureProvidedsignatureComputedMaskedisValidtimestampValidpayloadHashmismatchReason
Public Task Examples
Validate webhook HMAC signatures from sample payloads
- Search intent: validate webhook hmac signatures from sample payloads
- Specific input: Fixture input shaped for validate webhook hmac signatures from sample payloads.
- Expected output: Dataset rows with validationId, algorithm, signatureProvided, signatureComputedMasked plus local KVS report evidence.
- Why run it: API teams, integration engineers, SaaS developers would run this to get a bounded local proof before any live Apify review or production use.
Mask computed webhook secrets in QA output
- Search intent: mask computed webhook secrets in qa output
- Specific input: Fixture input shaped for mask computed webhook secrets in qa output.
- Expected output: Dataset rows with validationId, algorithm, signatureProvided, signatureComputedMasked plus local KVS report evidence.
- Why run it: API teams, integration engineers, SaaS developers would run this to get a bounded local proof before any live Apify review or production use.
Compare provided and computed webhook signatures
- Search intent: compare provided and computed webhook signatures
- Specific input: Fixture input shaped for compare provided and computed webhook signatures.
- Expected output: Dataset rows with validationId, algorithm, signatureProvided, signatureComputedMasked plus local KVS report evidence.
- Why run it: API teams, integration engineers, SaaS developers would run this to get a bounded local proof before any live Apify review or production use.
Check timestamp and payload hash evidence locally
- Search intent: check timestamp and payload hash evidence locally
- Specific input: Fixture input shaped for check timestamp and payload hash evidence locally.
- Expected output: Dataset rows with validationId, algorithm, signatureProvided, signatureComputedMasked plus local KVS report evidence.
- Why run it: API teams, integration engineers, SaaS developers would run this to get a bounded local proof before any live Apify review or production use.
Prepare webhook signature fixtures for integration tests
- Search intent: prepare webhook signature fixtures for integration tests
- Specific input: Fixture input shaped for prepare webhook signature fixtures for integration tests.
- Expected output: Dataset rows with validationId, algorithm, signatureProvided, signatureComputedMasked plus local KVS report evidence.
- Why run it: API teams, integration engineers, SaaS developers would run this to get a bounded local proof before any live Apify review or production use.
Tests
- Actor-specific fixture tests live in
test/webhook-signature-validator.test.ts. - Node-based local suites validate dataset schema conformance, output samples, local smoke runs, and PPE guard behavior.
FAQ
Is this live on Apify?
No. This is a local package for ChatGPT review only.
Is it publish-ready?
No. It needs later live tiny-run validation and console configuration before any publication decision.