Home  >  Q&A  >  body text

Webhooks - Authentication Type API Key - Secret Name and Secret Value - in PHP

<p>I'm trying to authenticate a webhook using an api key (secret name and secret value).所以我制作了两个文件:</p> <p>webhook.php:</p> <pre class="brush:php;toolbar:false;"><?php include('webhook-api-key.php'); // Retrieve the request body from the webhook POST request if ($http_status_code === 200){ $request_body = file_get_contents('php://input'); // Convert the request body from JSON to a PHP object $request_data = json_decode($request_body); // Extract the contact properties from the request data $contact_properties = $request_data->properties; // Extract the email property value $email = $contact_properties->email->value; // Extract the first name property value $first_name = $contact_properties->firstname->value; // Extract the last name property value $last_name = $contact_properties->lastname->value; // Do something with the contact data, such as adding it to a database or sending an email notification // For example: $contact_data = array( 'email' => $email, 'first_name' => $first_name, 'last_name' => $last_name ); // Add the contact data to a database or send an email notification, etc. // Send a HTTP response to HubSpot indicating that the webhook was successfully received and processed http_response_code(200); } ?></pre> <p>和 webhook-api-key.php:</p> <pre class="brush:php;toolbar:false;"><?php $endpoint_url = 'https:/.../hubspot/webhook.php'; // Set up the API key secret name and secret value $api_key_secret_name = 'word'; $api_key_secret_value = 'anther_word'; // Set up the HTTP POST request headers $headers = array( 'Content-Type: application/json', 'Authorization: Bearer '.$api_key_secret_value ); // Set up the HTTP POST request body $body = array( 'api_key' => $api_key_secret_value ); // Send the HTTP POST request to the webhook endpoint URL $ch = curl_init($endpoint_url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($body)); $response = curl_exec($ch); // Check for errors if(curl_errno($ch)) { $error_message = curl_error($ch); echo 'Error: '.$error_message; } // Get the HTTP response status code $http_status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); // Close the HTTP POST request curl_close($ch); // Handle the webhook response if ($http_status_code === 200) { echo 'Webhook successfully authenticated.'; } else { echo 'Webhook authentication failed with HTTP status code: ' . $http_status_code; } ?></pre> <p>在 Hubspot 配置中,网址为“https:/.../hubspot/webhook.php”。</p> <p>Is this okay? I ask this because when I tried to test it it killed my server and I can't find an example on the internet using this kind of authentication. </p> <p>Thank you! </p>
P粉545910687P粉545910687439 days ago547

reply all(1)I'll reply

  • P粉413307845

    P粉4133078452023-08-31 10:55:59

    So it’s actually very simple. There are no examples on the internet and the documentation is poor, explaining more about Hubspot signatures than API keys. I finally figured out how it works and here is the working code:

    $expectedSecretName = 'word'; // Replace with your expected secret name
    $expectedSecretValue = 'another_word'; // Replace with your expected secret value
    
    $requestBody = file_get_contents('php://input');
    $data = json_decode($requestBody);
    
        if($_SERVER['HTTP_WORD'] == $expectedSecretValue){
    //do something with values
    $email = $data->email;
    $firstname= $data->firstname;
    $lastname= $data->lastname;
    }
    else{
    //not from Hubspot
    }

    reply
    0
  • Cancelreply