Skip to content

Verification keys

Dispatch communicates with your app using HTTP webhooks. To confirm those requests come from Dispatch, it’s recommended to set up a verification key.

Create a verification key

Use Dispatch CLI to generate a verification key.

Terminal window
dispatch verification rollout

The output should look something like this:

Terminal window
-----BEGIN PUBLIC KEY-----
vjTIrTmgMoFRn8b5L3VXJckgEbEJGBFFWTscB2WYoi1bGlew
-----END PUBLIC KEY-----

This is a public key that’s safe to share and store in the source code. Dispatch will use this key to sign all requests to your server.

Set up verification

To make Dispatch SDK verify incoming requests, store your verification key in a DISPATCH_VERIFICATION_KEY environment variable. Dispatch SDK will automatically detect this environment variable and enable request verification.