WEBHOOKS
Signed webhooks
Verify webhook payloads with HMAC signatures.
Signature header
StartupCore-Signature carries t=timestamp,v1=hex_hmac.
Replay protection
Reject events older than five minutes.
WEBHOOKS
Verify webhook payloads with HMAC signatures.
StartupCore-Signature carries t=timestamp,v1=hex_hmac.
Reject events older than five minutes.