Generate the hmac from the request body of the message. There are standard libraries to do this on most platforms. Microsoft Teams uses standard SHA256 HMAC cryptography. You will need to convert the body to a byte array in UTF8.
To compute the hash, provide the byte array of the security token provided by Microsoft Teams when you registered the outgoing webhook.
Convert the hash to a string using UTF8 encoding.
Compare the string value of the generated hash with the value provided in the HTTP request.
The above steps and the C# example code and I am still having issues trying to generate the HMAC Value. I am using Crypto.js library to calculate it but probably need to do some more conversions before generating the HMAC, below is the code I use: