Pipe automatically signs the webhook requests so you can (optionally) verify that the requests are coming from Pipe and not a third party. This is useful if your application exposes sensitive data, but it is not required. It just adds an additional layer of protection. Pipe adds an additional HTTP header with the webhook POST requests, X-Pipe-Signature, which contains the specific signature for the request. To verify this request, you will need to generate a signature using the same key that ...
