How to receive webhook response of shopify and verify in php ?

by

Sonu Kumar
in ,

To receive a webhook response from Shopify and verify it in PHP, you can use the following steps:

  1. Create a route in your PHP application to handle the webhook request
  2. Retrieve the raw request payload and HMAC header
  3. Calculate the HMAC of the payload using the same secret key used by Shopify
  4. Compare the calculated HMAC with the HMAC header received in the request
  5. If the HMAC match, process the payload and return a 200 OK response, otherwise return a 401 Unauthorized response
<?php

$shared_secret = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$hmac_header = $_SERVER['HTTP_X_SHOPIFY_HMAC_SHA256'];
$data = file_get_contents('php://input');
$calculated_hmac = base64_encode(hash_hmac('sha256', $data, $shared_secret, true));

if ($hmac_header == $calculated_hmac) {
  // HMAC is valid, process the request
  // ...

  http_response_code(200);
} else {
  // HMAC is invalid, return a 401 response
  http_response_code(401);
}

?>

Comments

2 responses to “How to receive webhook response of shopify and verify in php ?”

  1. Sandeep Avatar
    Sandeep

    Its not working, shopify is not sending response after order is created. Logs are not getting generated.

    Reply
    1. Sonu Kumar Avatar
      Sonu Kumar

      Can you please share your code snippet?

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Social Media

Post Categories

Discover more from Worldhook Blogs

Subscribe now to keep reading and get access to the full archive.

Continue reading