Access partial header data in webhook for authentication

I’m trying to authenticate a webhook request via a shared sha56 secret in the header. The name/value pair is of this form

Name Value
X-MyThing-Sgnature sha256=34fssdkjkjkjkj334334, t=34349898989

Using header authentication in n8n, I"m trying to extract that sha256 value and compare it to a known secret before proceeding with processing the webhook. What is the best way to do this? Is it via a code block after the webook, so I would have no authentication on the webhook itself? Is there another way?

It looks like your topic is missing some important information. Could you provide the following if applicable.

  • n8n version:
  • Database (default: SQLite):
  • n8n EXECUTIONS_PROCESS setting (default: own, main):
  • Running n8n via (Docker, npm, n8n cloud, desktop app):
  • Operating system:

@timbenz , did I get it right that your header looks something like this?

{
  "headers": {
    "X-MyThing-Signature": "sha256=34fssdkjkjkjkj334334, t=34349898989",
    . . .
  }
}

If so, you can get the signature using RegEx (in Set or Code) as shown in the workflow below.

1 Like

yeah code node to do the calculations/auth check, then add a IF node, if good then continue, if fail then stop or throw error etc.

the webhook node doesnt have this functionality in it.