The docs state: “The X-Genesys-Cloud-Signature header contains an HMAC-SHA256 hash of the request body.” I’m trying to verify this in a Node.js Lambda to stop replays. The docs state: “You must use your client secret as the signing key.”
Here is my check. It fails with a mismatch every time. Am I missing a step in the crypto createHmac call? Is there something about the body encoding I’m missing?