Hacker News new | ask | show | jobs
by skaiser 1359 days ago
Yea we think it's a solid use case (mostly because we had that problem ourselves with a previous product haha)

And another great question! We use signing secrets to create a signature so you can validate that the request from us is authentic.

And thanks! This is just the beginning for us, so hopefully you give us a chance and sign up so we can notify you as we release new features!
1 comments
sneak 1359 days ago
If you are using signing secrets, consider having the client keep a secret and simply encrypt and sign the payload before handing it off to you.

When it comes back in, they can decrypt and authenticate it. You could hide all this in your api client.

Then you don’t end up with a big centralized database full of the PII of millions of your customers’ customers.

link
skaiser 1359 days ago
So are you suggesting that we update docs to encourage users to do that? We use signing secrets to sign the payload so users know the request from us is authentic, but other than that I can't think of how we'd control what users send us aside from just rejecting anything that "looks" like an object ;)

I do like the idea of including a little chunk in our SDK (Coming soon!) to allow them to easily encrypt/decrypt their payload, but that'd be entirely on them to follow that practice.

link
sneak 1359 days ago
Defaults matter. Make the api client encrypt everything it sends to you, so you never handle unencrypted customer data.
link
skaiser 1359 days ago
Oh for sure, I just haven't thought of a way to enforce that the payload be encrypted because there are so many different methods to do that and most of them still result in a string...

Do you have any advice or suggestions for how to enforce that?

I'll definitely add some docs to encourage it though; thanks for the suggestion!

link
sneak 1359 days ago
When I say “make”, I mean in your own api client library. It should happen automatically so the user doesn’t have to think about it.

You can provide some functions for the webhooks so targeted to authenticate and decrypt the stuff posted to them.

link
skaiser 1359 days ago
Ah gotcha. Yea we'll 100% include that as part of our SDK. Thanks for clarifying!
link