Missing "x-payload-hash" in Notification Response Headers

When working with notifications, you may notice that the x-payload-hash parameter is not returned in the response headers. This can happen due to how HMAC is enabled in relation to your API keys. Below, we’ll explain the cause and provide steps to resolve the issue.

Why Is "x-payload-hash" Missing?

The x-payload-hash parameter is included in the response headers only when HMAC is enabled. HMAC configuration depends on the API key used to create the subscription for notifications.

If you use multiple API keys to create subscriptions, only the subscriptions created under an API key with HMAC enabled will include the x-payload-hash parameter.

Steps to Troubleshoot and Resolve

Step_1: Verify the API Key Used to Create your Subscriptions

• Check which API key was used to create the subscription for notifications.
• Confirm whether HMAC was enabled for that specific API key.

Step_2: Enable HMAC for the Relevant API Key

• If HMAC is not enabled for the API key used, you will need to enable it. Refer to the HMAC Enabling Guide for detailed instructions.

Step_3: Recreate Subscriptions (If Necessary)

• If your subscriptions were created with an API key that does not have HMAC enabled, you will need to recreate the subscriptions using the API key where HMAC was enabled.

Step_4: Ensure Consistent API Key Usage

• To avoid inconsistencies, use the same API key with HMAC enabled for all subscriptions. This ensures all notifications include the x-payload-hash parameter.

Example Scenario

1. You have two API keys: KeyA and KeyB.
2. HMAC is enabled for KeyA but not for KeyB.
3. If you create a subscription with KeyA, the x-payload-hash parameter will be returned in the notification response headers.
4. If you create a subscription with KeyB, the x-payload-hash parameter will not be returned.