All Quiet changelog
Secure Your Outbound Webhooks with HMAC Signatures
All Quiet now supports HMAC-SHA256 request signing for outbound webhooks. This update allows your receiving services to verify that every delivery is authentic and untampered.
By signing the raw request body with a shared secret, we ensure your integrations remain secure at the edge, whether you use API gateways, serverless workers, or custom ingestion services.
Signing Options
We provide two formats to match your existing infrastructure:
Format | Description |
|---|---|
All Quiet Signature | Uses a standard HMAC-SHA256 hash of the raw request body for native integrations. |
Amazon Signature | Uses an Amazon-compatible HMAC variant for tools expecting AWS-style verification. |
Key Security Benefits
Verify Authenticity: Confirm that the webhook originated from All Quiet.
Ensure Integrity: Detect if a third party altered the payload during transit.
Prevent Spoofing: Block unauthorized requests before they reach your internal logic.
You can configure these signatures within your integrations settings. For technical details on implementation, visit our documentation.