I’m trying to verify the Genesys Cloud webhook signature in my Node.js consumer to prevent replay attacks, but the calculated HMAC never matches the header. I’m using crypto.createHmac(‘sha256’, secret) and signing the raw body, yet it’s always a mismatch. Here’s the snippet I’m using: const signature = crypto.createHmac(‘sha256’, secret).update(req.body).digest(‘hex’);. Am I missing a step or using the wrong secret?