X-Satws-Signature header is sent to help verify it. Syntage generates a signature using a hash-based message authentication code (HMAC) with SHA-256 using the signingSecret as key. To verify the hash you can do the following steps:
Step 1: Extract the timestamp and signature from the header
Split the header, using the, character as the separator. The value for the prefix t corresponds to the timestamp and s corresponds to the signature.
Step 2: Prepare the signed payload
Create the signed payload by concatenating these values without spaces:- the timestamp as a Unix timestamp string, for example
"1656569160" - the
.character - the raw request body exactly as received