The unmatched signature error occurs because Github uses a HMAC SHA-1 hash to verify the authenticity of the webhook payload. When the webhook is sent from Github to Jenkins, the signature is included in the HTTP headers. In order to replicate this webhook request on Postman, you must also generate the same HMAC SHA-1 hash value for the payload data and include it in the HTTP headers. If the signature in the HTTP headers does not match the one generated by Postman, Github will reject the request and return an unmatched signature error.
Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss
Asked: 2023-04-30 14:05:50 +0000
Seen: 13 times
Last updated: Apr 30 '23