hmac_secret
during webhook registration, Method now includes a method-webhook-signature
header on each webhook request. This signature is an HMAC-SHA256 digest, computed using your hmac_secret
as the shared secret and the message format ${method-webhook-timestamp}:${raw_payload}
.
method-webhook-timestamp
header (UNIX timestamp in seconds), allowing you to validate the freshness of requests and prevent replay attacks.
products
and subscriptions
arrays in the request body when creating a Connect
for an entity. These will automatically execute upon a successful connection.
expand
query parameter has been added to the Connect
object, allowing you to include additional properties within the accounts
object.
Example Request
method-node
method-python