Showing results for 
Search instead for 
Did you mean: 

Webhook authentication always fails webhook authentication always fails , hash generated using the payload does not match with x-anet-signature


If you are encountering an issue with webhook authentication failing, there are a few things to check:

1: Ensure that you are using the correct API login ID and transaction key for your account.
2: Make sure that you are generating the hash correctly, using the correct algorithm and format, and that the payload is the exact string used to generate the signature in the webhook request header.
3: Check if there are any typos or incorrect characters in the API login ID, transaction key, or payload data.
4: If you are still encountering the issue, try reaching out to's support team for further assistance.
It's important to follow's guidelines and best practices when setting up webhooks and generating hashes to ensure successful authentication.


The x-anet-signature header and the hash calculated using the payload are most likely out of sync, which results in the failure of the webhook authentication. You must take the following actions in order to fix this problem:

Verify your Merchant Interface webhook settings: Make that the webhook is active and that the webhook's URL is right.

Check the secret key to make sure it corresponds with the secret key in your Merchant Interface. This secret key was used to create the hash in your code.

Make sure you are using the right hash creation algorithm by checking it against the API documentation.


const payloadbody = JSON.stringify(req.body);

const generateCryptoHMAC= crypto.createHmac('sha512', secretKey).update(payloadbody).digest('hex');

This was the code I used to generate hash. I used the crypto package from NPM.  Can you suggest me the right hashing algorithm .