Skip to main content
This page covers verification of payloads from vehicles. Please see our callback verification section for information on how to initially verify your callback uri.
Verify webhook payloads against the SC-Signature header and a SHA-256 based HMAC generated by hashing your application_management_token and the body.
Our backend SDKs have helper methods that return true if the payload is good.
    Smartcar.verify_payload(
        {application_management_token},
        {SC-Signature}, 
        {webhook_body}
    )
I