Webhook HMAC Hash Doesn't Match

RichardT · July 25, 2025, 8:06pm

We’re working on a webhook integration with our .Net web API and having trouble generating the same hash using our secret key and the payload of the requests we’re receiving.

Here’s the payload:
{“account_id”:87817,“account_uuid”:“QWNjb3VudDo4NzgxNw==”,“webhook_type”:“Inventory Update”,“inventory”:[{“sku”:“ESP8741 -0700”,“inventory”:“167”,“backorder_quantity”:“0”,“on_hand”:“172”,“virtual”:false,“sell_ahead”:0,“qty_in_totes”:0,“reserve”:0,“updated_warehouse”:{“warehouse_id”:109822,“warehouse_uuid”:“V2FyZWhvdXNlOjEwOTgyMg==”,“identifier”:“201 - North Las Vegas”,“inventory”:“167”,“backorder_quantity”:“0”,“on_hand”:“172”,“sell_ahead”:0,“qty_in_totes”:0,“reserve”:0}}]}

And the hash from the “X-Shiphero-HMAC-SHA256” header:
“X3yFx9A1+ayrsb5wjHPCqMKFwtlSOVIqGHkDCdFbOrc=”

And the output hash using our secret key from an online HMAC Generator(HMAC-SHA256 Hash Generator | Devglan):
hQDjdn9ViAtILZduQv2zTP/eokn563HsL+SXJ1ptd+o=

Any help would be appreciated!

RichardT · July 29, 2025, 4:45pm

Update:
We got a response from SH on the cause of our issue. Looks like the way we were reading and serializing the body was the issue- if you are running into this issue you’ll want to read the raw body for hashing to confirm the request came from Shiphero.

Topic		Replies	Views
Webhook Request Verification GraphQL API	12	1280	August 5, 2021
Generate Label Webhook HMAC Validation Devs Needed & Available	3	118	October 3, 2025
Shipment update webhook questions GraphQL API	3	403	April 18, 2021
Hmac header not present for label webhook Legacy REST API	12	935	September 21, 2021
Request Verification for Generate Label Webhook Getting Started	11	533	June 6, 2024

Webhook HMAC Hash Doesn't Match

Related topics