Skip to content

docs: Add webhook security guidance to crawl and batch-scrape features #253

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
firecrawl-spring wants to merge 1 commit into
base: main
Choose a base branch
from
Open

docs: Add webhook security guidance to crawl and batch-scrape features #253

firecrawl-spring wants to merge 1 commit into from

Conversation

@firecrawl-spring
Copy link
Contributor

@firecrawl-spring firecrawl-spring bot commented Jan 15, 2026

Summary

This PR adds explicit documentation about webhook signature verification (HMAC-SHA256) in the crawl and batch-scrape feature pages.

Problem: Customers discovering webhooks through the feature documentation weren't aware that:

  • Every webhook payload is signed with HMAC-SHA256
  • They need to verify signatures for security and authenticity
  • Where to find their webhook secret

Solution: Added dedicated "Security: Verifying Webhook Signatures" sections to both feature pages that:

  • Explain HMAC-SHA256 signature verification process
  • Link directly to webhook security documentation with implementation examples
  • Include a warning about always verifying signatures before processing webhooks
  • Point to where the webhook secret is located in account settings

Changes

  • features/crawl.mdx: Added security section with signature verification guidance
  • features/batch-scrape.mdx: Added identical security section for consistency

Impact

This prevents customers from needing support to discover webhook security practices and ensures developers understand signature verification at the point where they first learn about webhooks.

Test Plan

  • Verify links to webhook security documentation work correctly
  • Confirm formatting and structure matches existing docs style
  • Validate that signature verification steps are clear and actionable

@firecrawl-spring
docs: Add webhook security guidance to crawl and batch-scrape features
fc82085 
Add explicit documentation about webhook signature verification (HMAC-SHA256) in the
crawl and batch-scrape feature pages. This prevents customers from needing support
to discover how to verify webhook authenticity and ensures security best practices
are emphasized at the point where developers first learn about webhooks.

Changes:
- Add dedicated "Security: Verifying Webhook Signatures" section to both crawl and batch-scrape feature pages
- Explain HMAC-SHA256 signature verification process
- Link directly to webhook security documentation with implementation examples
- Add warning about always verifying signatures before processing webhooks
- Mention where to find webhook secret in account settings

Fixes issue where customers discover webhooks but aren't immediately informed about
signature verification requirements and how to implement it.

Co-Authored-By: devhims <himanshu@sideguide.dev>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants