@godaddy/app-connect
Advanced tools
GoDaddy App Connect - A verification library for GoDaddy Platform App requests
A collection of tools and utilities for building applications that integrate with the GoDaddy platform.
This library provides essential functionality for developers building applications that work with the GoDaddy platform. It handles platform integration concerns like request verification, webhook validation, authentication, and API communication.
Note: This library is under active development. Currently, it provides request verification and webhook subscription verification functionality, with more features planned for future releases.
npm install @godaddy/app-connect
# or
yarn add @godaddy/app-connect
# or
pnpm add @godaddy/app-connect
This package provides framework-specific exports that can be imported directly:
// Express.js specific imports
import { createActionMiddleware, createWebhookMiddleware } from '@godaddy/app-connect/express';
// Next.js specific imports - Next.js App Router (13+) uses verifyAction directly
import { verifyAction, verifyWebhookSubscription, VerifiableRequest } from '@godaddy/app-connect/next';
Verify that incoming requests to your application are genuinely from the GoDaddy platform by validating cryptographic signatures added by GoDaddy's Traefik middleware.
Verify that incoming webhook subscriptions are genuinely from the GoDaddy platform by validating HMAC signatures.
Set up the required public key via environment variable:
GODADDY_PUBLIC_KEY=base64_encoded_public_key
Or provide it directly in your code:
import { verifyAction } from '@godaddy/app-connect';
const result = verifyAction(request, {
publicKey: 'base64_encoded_public_key'
});
Set up the webhook secret via environment variable:
GODADDY_WEBHOOK_SECRET=your_webhook_secret
Or provide it directly in your code:
import { verifyWebhookSubscription } from '@godaddy/app-connect';
const result = verifyWebhookSubscription(request, {
secret: 'your_webhook_secret'
});
import express from 'express';
// Import directly from the express subpath
import { createActionMiddleware } from '@godaddy/app-connect/express';
const app = express();
// Add body parser middleware first
app.use(express.json());
// Add action verification middleware
app.post('/action-webhook',
createActionMiddleware(),
(req, res) => {
// If the request gets here, it's verified as a signed action
res.send('Verified action request received!');
});
// For webhook subscriptions (separate endpoint with webhook verification)
app.post('/webhook-subscription',
createWebhookMiddleware(), // Import this from '@godaddy/app-connect/express'
(req, res) => {
// If the request gets here, it's a verified webhook subscription
res.send('Verified webhook subscription received!');
}
);
app.listen(3000);
// app/api/example/route.ts
import { verifyAction, VerifiableRequest } from '@godaddy/app-connect/next';
export async function POST(request: Request) {
// Transform web standard Request to VerifiableRequest
const verifiableReq: VerifiableRequest = {
method: request.method,
url: request.url,
path: new URL(request.url).pathname,
query: Object.fromEntries(new URL(request.url).searchParams),
headers: Object.fromEntries(request.headers),
body: await request.json(),
};
// Verify the action request
const result = verifyAction(verifiableReq);
if (!result.success) {
// Return error in GoDaddy format
return Response.json(result.error, { status: 401 });
}
// Process the request
return Response.json({ message: 'Verified request received!' });
}
import { verifyAction, VerifiableRequest } from '@godaddy/app-connect';
function processActionRequest(req) {
// Create a verifiable request object
const verifiableRequest: VerifiableRequest = {
method: req.method,
url: req.url,
path: req.path,
query: req.query,
headers: req.headers,
body: req.body
};
// Verify the action request
const result = verifyAction(verifiableRequest);
if (!result.success) {
// Handle verification failure
console.error('Verification failed:', result.error);
return { error: result.error };
}
// Process verified request
return { success: true };
}
import { verifyWebhookSubscription, VerifiableRequest } from '@godaddy/app-connect';
function processWebhookSubscription(req) {
// Create a verifiable request object
const verifiableRequest: VerifiableRequest = {
method: req.method,
url: req.url,
path: req.path,
query: req.query,
headers: req.headers,
body: req.body
};
// Verify the webhook subscription
const result = verifyWebhookSubscription(verifiableRequest);
if (!result.success) {
// Handle verification failure
console.error('Webhook verification failed:', result.error);
return { error: result.error };
}
// Process verified webhook
return { success: true };
}
verifyAction(request, options?): Result<void>Verifies that a request has a valid GoDaddy platform signature.
request: A VerifiableRequest object containing the request detailsoptions: Optional configuration including the public keyReturns a Result object that indicates success or contains an error.
verifyWebhookSubscription(request, options?): Result<void>Verifies that a webhook subscription request has a valid HMAC signature.
request: A VerifiableRequest object containing the webhook request detailsoptions: Optional configuration including the webhook secretReturns a Result object that indicates success or contains an error.
createActionMiddleware(options?) (from @godaddy/app-connect/express)Creates an Express.js middleware function for verifying action requests.
createWebhookMiddleware(options?) (from @godaddy/app-connect/express)Creates an Express.js middleware function for verifying webhook subscription requests.
createExpressMiddleware(options?) (from @godaddy/app-connect)Legacy approach: Creates an Express.js middleware function for verifying action requests.
For Next.js App Router (13+), use verification functions directly in your route handlers. Import from:
import { verifyAction, verifyWebhookSubscription, VerifiableRequest } from '@godaddy/app-connect/next';
See the Next.js App Router Integration example for action verification details. The pattern is similar for webhook verification.
getWebhookSecret(options?): stringRetrieves the webhook secret for webhook subscription verification, from options or environment.
The library exports standardized error types that follow GoDaddy's error schema:
MissingHeaderError: When a required header is missingExpiredSignatureError: When the signature timestamp is too oldInvalidSignatureError: When the signature verification failsInvalidAlgorithmError: When the signature algorithm is not supportedInvalidVersionError: When the signature version is not supportedMissingWebhookHeaderError: When a required webhook header is missingInvalidWebhookSignatureError: When the webhook signature verification failsContributions are welcome! Please feel free to submit a Pull Request.
This project is licensed under the MIT License - see the LICENSE file for details.
FAQs
GoDaddy App Connect - A verification library for GoDaddy Platform App requests
The npm package @godaddy/app-connect receives a total of 1 weekly downloads. As such, @godaddy/app-connect popularity was classified as not popular.
We found that @godaddy/app-connect demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub postponed a new billing model for self-hosted Actions after developer pushback, but moved forward with hosted runner price cuts on January 1.
Research
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
Security News
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.