FusionAuth Webhooks

When to Use This Skill

• Setting up FusionAuth webhook handlers
• Debugging JWT signature verification failures
• Understanding FusionAuth event types and payloads
• Handling user, login, registration, or group events

Essential Code (USE THIS)

FusionAuth Signature Verification (JavaScript)

FusionAuth signs webhooks with a JWT in the X-FusionAuth-Signature-JWT header. The JWT contains a request_body_sha256 claim with the SHA-256 hash of the request body.

const crypto = require('crypto');
const jose = require('jose');