Webhook Signature Validator avatar

Webhook Signature Validator

Pricing

from $4.90 / 1,000 request or schema checkeds

Go to Apify Store
Webhook Signature Validator

Webhook Signature Validator

Validate webhook payload signatures against HMAC-style schemes and return pass/fail details.

Pricing

from $4.90 / 1,000 request or schema checkeds

Rating

0.0

(0)

Developer

junipr

junipr

Maintained by Community

Actor stats

0

Bookmarked

2

Total users

1

Monthly active users

8 hours ago

Last modified

Share

Store Positioning

Store title: Webhook Signature Validator

Short description: Validate webhook payload signatures against HMAC-style schemes and return pass/fail details.

SEO title: Webhook Signature Validator — API, schema, and developer QA

SEO description: Validate webhook payload signatures against HMAC-style schemes and return pass/fail details. Use it to catch contract drift, schema mistakes, unsafe endpoint assumptions, and developer-tool quality issues before release.

Categories: DEVELOPER_TOOLS, ECOMMERCE

Keywords: webhook, signature, validator, web audit, api/developer qa

Fixed-Inclusive PPE Pricing

This actor uses pay-per-event pricing. Event prices include Apify platform usage; users are not expected to pay a separate platform-usage pass-through charge for the configured pricing model.

  • Tier: A1 — API/developer QA
  • Primary event: signature-validated at $0.00650 base
  • Default max charge: $10.00
  • Store discounts: FREE/BRONZE base, SILVER discounted, GOLD deepest approved discount

Event set:

  • actor-start: base $0.00500, GOLD $0.00400. Webhook Signature Validator: charged when actor start is completed. The price includes Apify platform usage; no separate usage pass-through is intended.
  • signature-validated: base $0.00650, GOLD $0.00520. Webhook Signature Validator: charged when signature validated is completed. The price includes Apify platform usage; no separate usage pass-through is intended.
  • contract-rule-checked: base $0.00390, GOLD $0.00312. Webhook Signature Validator: charged when contract rule checked is completed. The price includes Apify platform usage; no separate usage pass-through is intended.
  • report-generated: base $0.05000, GOLD $0.04000. Webhook Signature Validator: charged when report generated is completed. The price includes Apify platform usage; no separate usage pass-through is intended.

Public Task Concepts

  • Validate Webhook Signature records from a capped sample
  • Find invalid Webhook Signature values before delivery
  • Check Webhook Signature coverage against expected rules
  • Prioritize Webhook Signature validation failures by severity
  • Export Webhook Signature pass-fail rows with evidence

What It Does

Validate webhook payload signatures against HMAC-style schemes and return pass/fail details.

This local package is part of the Junipr Apify actors 171-200 premium build for ChatGPT review.

What It Does Not Do

  • It does not call live Apify APIs.
  • It does not publish, upload Store assets, create public tasks, or configure live PPE.
  • It does not claim publish readiness.
  • It does not make unbounded network calls in the supplied examples path.

Input Fields

Seed shape: inputItems, maxItems, includeReport

The tiny fixture is available at examples/input.tiny.json and mirrored at fixtures/input.tiny.json for the local runner.

Output Fields

  • validationId
  • algorithm
  • signatureProvided
  • signatureComputedMasked
  • isValid
  • timestampValid
  • payloadHash
  • mismatchReason

Public Task Examples

Validate webhook HMAC signatures from sample payloads

  • Search intent: validate webhook hmac signatures from sample payloads
  • Specific input: Fixture input shaped for validate webhook hmac signatures from sample payloads.
  • Expected output: Dataset rows with validationId, algorithm, signatureProvided, signatureComputedMasked plus local KVS report evidence.
  • Why run it: API teams, integration engineers, SaaS developers would run this to get a bounded local proof before any live Apify review or production use.

Mask computed webhook secrets in QA output

  • Search intent: mask computed webhook secrets in qa output
  • Specific input: Fixture input shaped for mask computed webhook secrets in qa output.
  • Expected output: Dataset rows with validationId, algorithm, signatureProvided, signatureComputedMasked plus local KVS report evidence.
  • Why run it: API teams, integration engineers, SaaS developers would run this to get a bounded local proof before any live Apify review or production use.

Compare provided and computed webhook signatures

  • Search intent: compare provided and computed webhook signatures
  • Specific input: Fixture input shaped for compare provided and computed webhook signatures.
  • Expected output: Dataset rows with validationId, algorithm, signatureProvided, signatureComputedMasked plus local KVS report evidence.
  • Why run it: API teams, integration engineers, SaaS developers would run this to get a bounded local proof before any live Apify review or production use.

Check timestamp and payload hash evidence locally

  • Search intent: check timestamp and payload hash evidence locally
  • Specific input: Fixture input shaped for check timestamp and payload hash evidence locally.
  • Expected output: Dataset rows with validationId, algorithm, signatureProvided, signatureComputedMasked plus local KVS report evidence.
  • Why run it: API teams, integration engineers, SaaS developers would run this to get a bounded local proof before any live Apify review or production use.

Prepare webhook signature fixtures for integration tests

  • Search intent: prepare webhook signature fixtures for integration tests
  • Specific input: Fixture input shaped for prepare webhook signature fixtures for integration tests.
  • Expected output: Dataset rows with validationId, algorithm, signatureProvided, signatureComputedMasked plus local KVS report evidence.
  • Why run it: API teams, integration engineers, SaaS developers would run this to get a bounded local proof before any live Apify review or production use.

Tests

  • Actor-specific fixture tests live in test/webhook-signature-validator.test.ts.
  • Node-based local suites validate dataset schema conformance, output samples, local smoke runs, and PPE guard behavior.

FAQ

Is this live on Apify?

No. This is a local package for ChatGPT review only.

Is it publish-ready?

No. It needs later live tiny-run validation and console configuration before any publication decision.