The Authorization header that is sent with WebHook posts sent by custom Automations contains a ‘keyid’ field which, I am assuming, relates to the keys used for signing and validating the field.
Does anyone know how this is derived and where I can find it? (Other than by monitoring incoming packets, that is.)
My application will have several Automations calling the same Web service so will need to match up the appropriate public key to the incoming requests.
Edit: I suspect the the numeric portion of the keyid may be the key’s fingerprint/MD5 hash but have not been able to generate anything that matches so far so I may be wrong on that.