Skip to main content

Stripe Webhook Secret

Description

General

  • Documentation: https://stripe.com/docs/webhooks/best-practices#endpoint-secrets
  • Summary: Stripe offers payment processing software and application programming interfaces (APIs) for e-commerce websites and mobile application. It can be integrated with webhooks to communicate with external applications. Events sent by Stripe via a webhook are signed to avoid a replay attack. The key used to sign these events should remain secret. This detector aims at catching such keys.

Revoke the secret

Webhooks secrets can be issued and revoked from the dashboard dedicated page.'

Details for Stripe Webhook Secret

  • Family: token

  • Category: payment_system

  • Company: Stripe

  • High recall: True

  • Validity check available: False

  • Analyzer available: False

  • Revoker available: False

  • Occurrences found for one million commits: 25.05

  • Prefixed: True

Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status