# Signing Webhooks

A recommended practice for Webhooks is to sign the payloads of the messages so that the receiver can verify the authenticity and integrity of the message.&#x20;

The framework provides a mechanism to sign the payloads of the messages sent (as *Sender*) and to verify the signatures of the incoming messages (as *Receiver*).

Signature providers are implementations that use the payload of a webhook message and a secret key, to compute a signature to be attached to the webhook, by implementing the `IWebhookSigner` service contract.

By default, when registering a Webhook Sender service, the framework also registers an implementation of a signature provider for the '*HMAC-SHA-256'* algorithm: it is possible to add custom ones by calling the method `.AddSigner<TSigner>()` of the service builder.

```csharp
using System;

using Microsoft.Extensions.Configuration;

using Deveel.Webhooks;

namespace Example {
    public class Startup {
        public Startup(IConfiguration config) {
            Configuration = config;
        }
        
        public IConfiguration Configuration { get; }
        
        public void Configure(IServiceCollection services) {
            // ... add any other service you need ...
            // this call adds the basic services for sending of webhooks
            services.AddWebhookSender<MyWebook>(webhooks => {
                // Optional: if not configured by you, the service
                // Add a custom signature provider
                webhooks.AddSigner<MySigner>();
            });
        }
    }
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://webhooks.deveel.org/send_webhooks/signing-webhooks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.