Skip to main content

Overview

To ensure the authenticity of embedded sections, Fourthwall uses HMAC-SHA512 signatures to prove that the content is being embedded on a Fourthwall shop, for a specific supporter and tier.

Parameters

The following parameters are passed to your iframe:

Verification

To verify the signature, recalculate the HMAC signature using the same parameters and your secret key. The data string format:
Your secret key is available in your Developer settings. Never leak this secret in your code. If exposed, it can be used to impersonate any supporter on your shop.

JavaScript Example