Ahh, it’s under the Validating the Signature Header section. Thanks!
Another question, I have been trying to produce the hash for validation and have not been able to produce the same one as the x-twitter-webhooks-signature header.
I used the same method as I am for generating the hash for the Challenge Response Check token. But instead of hashing the crc_token in this line:
sha256_hash_digest = hmac.new(APP_CONSUMER_SECRET, msg=crc_token, digestmod=hashlib.sha256).digest()
The crc_token is now the request body string:
{"direct_message_events":[{"type":"message_create","id":"902632971999428611","created_timestamp":"1504039445291","message_create":{"target":{ ... the rest is truncated
Is this the correct method for generating the validation hash?
