# verify_webhook > **Function** in `langchain_parallel` 📖 [View in docs](https://reference.langchain.com/python/langchain-parallel/tasks/verify_webhook) Verify a Parallel webhook signature (Standard Webhooks scheme). Parallel signs webhook payloads using HMAC-SHA256 over ``".."``, base64-encoded with padding. The signature is delivered as the ``webhook-signature`` header (possibly with multiple space-delimited ``v1,`` entries). See https://docs.parallel.ai/resources/webhook-setup. The verification flow is: 1. Reject if the timestamp drifts more than ``tolerance_seconds`` from now (replay protection). 2. Compute the expected signature. 3. Compare against every ``v1,`` entry in the header. ## Signature ```python verify_webhook( payload: bytes, *, webhook_id: str, webhook_timestamp: str, webhook_signature: str, secret: str, tolerance_seconds: int = _DEFAULT_WEBHOOK_TOLERANCE_SECONDS, ) -> bool ``` ## Parameters | Name | Type | Required | Description | |------|------|----------|-------------| | `payload` | `bytes` | Yes | Raw request body bytes (do not decode-then-encode — must be byte-identical to what Parallel signed). | | `webhook_id` | `str` | Yes | Value of the ``webhook-id`` header. | | `webhook_timestamp` | `str` | Yes | Value of the ``webhook-timestamp`` header (Unix seconds as a string). | | `webhook_signature` | `str` | Yes | Value of the ``webhook-signature`` header. | | `secret` | `str` | Yes | Your webhook signing secret (from the Parallel dashboard). | | `tolerance_seconds` | `int` | No | Reject signatures whose timestamp differs from ``time.time()`` by more than this many seconds. Defaults to 5 minutes (the Standard Webhooks recommendation). (default: `_DEFAULT_WEBHOOK_TOLERANCE_SECONDS`) | ## Returns `bool` True if the signature is valid and within tolerance; False otherwise. --- [View source on GitHub](https://github.com/parallel-web/langchain-parallel/blob/c1f8c1d657b86eaf948c363f84fed6ea6bd65754/langchain_parallel/tasks.py#L164)