Use this file to discover all available pages before exploring further.
1
Get your webhook secret
Log in to Doczilla and grab your webhook secret key from the organizations settings page.
2
Get the header
The x-doczilla-signature header is included in each webhook call containing a signature that you
can verify.Doczilla generates signatures using a hash-based message authentication code (HMAC) with SHA-256. To prevent
downgrade attacks.
3
Verify the signature with raw body
To verify your webhook simply re-create the signature with your webhook secret and the raw body.See also Webhook event for the full event payload.
import Doczilla from '@doczilla/node'import express from 'express'const doczilla = new Doczilla('doczilla-...')// Set your webhook secret hereconst webhookSecret = 'whsec-...'const app = express()// Match the raw body to content type application/jsonapp.post( '/webhook', express.raw({ type: 'application/json' }), (request, response) => { const signature = request.headers['x-doczilla-signature'] try { const payload = doczilla.webhook.verifyPayload(request.body, signature, webhookSecret) // Do something with the generated document console.log(payload) // Return a response to acknowledge receipt of the event response.json({ received: true }) } catch (err) { response.status(400).send('Signature invalid!') } })app.listen(4242, () => console.log('Running on port 4242'))
