# Security Webhooks play a critical role in ensuring the seamless functionality of your integration. However, they can become targets for malicious actors attempting to exploit or disrupt the service. To safeguard your application, you must configure your webhook with a 32-byte secret. This secret is essential for encrypting the request body, adding a layer of security to the data transmission. ### Enabling Encryption When encryption is enabled in your webhook configuration: **Payload Format:** The webhook event payload is sent as text/plain containing encrypted data. \ \ **Initialization Vector (IV):** A 16-byte cipher initialization vector (IV) is included in the response headers as metadata. This IV is necessary to decrypt the webhook request body securely. Below you find an example process for decrypting an incoming webhook request: {% tabs %} {% tab title="TypeScript" %} ```typescript import * as crypto from 'crypto'; export class Decipher { decipherAES_256_CBC(request: any) { const CIPHER_KEY = 'YOUR-PLAIN-KEY'; const BASE64_PLAIN_IV = request.headers['x-pvt-cipher-iv']; const BASE64_CIPHERED_MESSAGE = request.body; const BUFFER_KEY = Buffer.from(CIPHER_KEY); const BUFFER_IV = Buffer.from(BASE64_PLAIN_IV, 'base64'); const BUFFER_CIPHERED_MESSAGE = Buffer.from(BASE64_CIPHERED_MESSAGE, 'base64'); const DECIPHER = crypto.createDecipheriv('aes-256-cbc', BUFFER_KEY, BUFFER_IV); DECIPHER.setAutoPadding(true); let deciphered_message = DECIPHER.update(BUFFER_CIPHERED_MESSAGE, 'hex', 'utf8'); deciphered_message += DECIPHER.final('utf-8'); return deciphered_message.toString(); } } ``` {% endtab %} {% endtabs %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs-business.mio.id/webhooks/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.