Documentation Index
Fetch the complete documentation index at: https://mintlify.com/resend/resend-go/llms.txt
Use this file to discover all available pages before exploring further.
Method
func (s *WebhooksSvcImpl) Verify(options *VerifyWebhookOptions) error
Parameters
options
*VerifyWebhookOptions
required
The webhook verification parametersThe raw webhook payload body as a string
The webhook verification headersThe svix-timestamp header value
The svix-signature header value
The signing secret from webhook creation (starts with whsec_)
Response
Returns nil if verification succeeds, or an error if verification fails.
Example
import (
"io"
"net/http"
"github.com/resend/resend-go/v2"
)
func webhookHandler(w http.ResponseWriter, r *http.Request) {
client := resend.NewClient("re_123456789")
// Read the raw body
body, err := io.ReadAll(r.Body)
if err != nil {
http.Error(w, "Failed to read body", http.StatusBadRequest)
return
}
// Verify the webhook
err = client.Webhooks.Verify(&resend.VerifyWebhookOptions{
Payload: string(body),
Headers: resend.WebhookHeaders{
Id: r.Header.Get("svix-id"),
Timestamp: r.Header.Get("svix-timestamp"),
Signature: r.Header.Get("svix-signature"),
},
WebhookSecret: "whsec_your_signing_secret",
})
if err != nil {
http.Error(w, "Invalid signature", http.StatusUnauthorized)
return
}
// Webhook is verified, process the event
w.WriteHeader(http.StatusOK)
}
Notes
- The verification implements HMAC-SHA256 signature validation
- Timestamp validation prevents replay attacks (default tolerance: 5 minutes)
- The signing secret is provided once when creating the webhook
- All three headers (
svix-id, svix-timestamp, svix-signature) are required