This plugin can sign the webhook events sent by the Gravity Forms WebHooks Add-On to your endpoints by including a signature in each event’s X-Gform-Signature header. This allows you to verify that the events were sent by the Gravity Forms add-on, not by a third party. As of right now, you must verify the signatures by manually using your own solution. However, an example of a Node.js (JavaScript) implementation is linked below.
Before you can verify signatures, you need to retrieve your endpoint’s public key (more information at this question).
This plugin uses the same keys for every form and endpoint, meaning that the same keys will be used for every signature generated.
Verification implementations
- Node.js: See the example on Github.
此插件可供下载,可用于您的 WordPress 自托管安装。