# Seatable webhook authentication with HMAC SHA256 — verify and block spoofed requests
This automation template securely receives webhooks from Seatable by validating their authenticity using HMAC SHA256 signature verification. It prevents unauthorized or spoofed requests from triggering downstream actions—ideal for secure integration with CRM, ERP, or logging systems.
## Who it´s for
- Developers integrating Seatable with external platforms
- Database administrators requiring verified data sources
- Teams focused on automation security and protection against fake payloads
## What the automation does
- Receives incoming HTTP webhooks from Seatable
- Extracts the `x-seatable-signature` header and computes HMAC SHA256 hash of the request body using a secret key
- Compares the computed signature with the received one; proceeds with 200 OK if valid
- Returns 403 Forbidden if signatures do not match, halting further execution
- Can be extended to trigger follow-up actions (e.g., CRM updates) only after successful validation
## What´s included
- Ready-to-use n8n workflow
- Trigger and handler logic for secure webhooks
- Integration with HTTP API and HMAC SHA256 validation
- Basic setup and adaptation guide
## Requirements for setup
- Access to a self-hosted or cloud n8n instance
- Shared secret key configured in Seatable
- Webhook set up in Seatable pointing to your n8n endpoint
## Benefits and outcomes
- Protection against unauthorized webhook calls
- Enhanced security for integrations involving sensitive operations
- Reduced risk of false event processing
- Reusable foundation for building trusted automation pipelines
## Important: template only
Important: you are purchasing a ready-made automation workflow template only. Rollout into your infrastructure, connecting specific accounts and services, 1:1 setup help, custom adjustments for non-standard stacks and any consulting support are provided as a separate paid service at an individual rate. To discuss custom work or 1:1 help, contact via chat
No feedback yet