Generating HASH of webhook secret for GDPR bots

I was following the official tutorial to set up a bot that handles Right To Erasure requests, but I hit an issue. To test it I need a “HMAC-SHA256” encoding of my secret key. From what I’ve heard I need two values to encode a secret key, text and a secret. I dont know which I put my key in or what to put in the other.


I have my secret key, but how can I get the encoded version?

Thanks in advance!

1 Like

Hello, I was looking at this as well and got this based on the code from the message_parser script

import time
import hmac
import hashlib
import re
import base64

description = ""
timestamp = ""
secret = ""

timestamp_message = "{}.{}".format(timestamp, description)
digest = hmac.new(
    secret.encode(),
    msg=timestamp_message.encode(),
    digestmod=hashlib.sha256
).digest()
validated_signature = base64.b64encode(digest).decode()

print(validated_signature)

if you fill out the values and run it, it should print out the validated_signature you can use for testing