What is hash field in the BigCommerce webhook?

Question

How it generate? How I can validate it?

https://developer.bigcommerce.com/api/webhooks-getting-started

{ 
  \"store_id\": 11111,  
  \"producer\": \"         


        

Answer 1

I'd recommend using a custom header to validate the payload was from BigCommerce as noted in the getting started guide:

A headers object containing one or more name-value pairs, both string values (optional). If you choose to include a headers object, Bigcommerce will include the name-value pair(s) in the HTTP header of its POST requests to your callback URI at runtime. While this feature could be used for any purpose, one is to use it to set a secret authorization key and check it at runtime. This provides an additional level of assurance that the POST request came from Bigcommerce instead of some other party, such as a malicious actor.