diff --git a/README.md b/README.md
index a2d9511..fce9685 100644
--- a/README.md
+++ b/README.md
@@ -84,7 +84,7 @@ Message: {"context":{"domain":"retail","action":"search","bap_id":"retail.bap","
 
 Shared Key: juWDOTzzK7Eyrzm6hZwQmlJkolesm8x0
 
-HMAC: HMAC-SHA-256 8d2b129d83512b53ddd6e3657748a2e22cd05de3f7c4780cdf39da564a843884
+HMAC: HMAC-SHA-256 287662f35c63bb66710d96749ea87b5a8fa8073f919c8da628451a3c8567a1ff
 ```
 
 
diff --git a/src/utils/auth.utils.ts b/src/utils/auth.utils.ts
index c0eb5b8..251775b 100644
--- a/src/utils/auth.utils.ts
+++ b/src/utils/auth.utils.ts
@@ -1,4 +1,5 @@
 import _sodium, { base64_variants } from "libsodium-wrappers";
+import * as crypto from 'crypto';
 import { writeFile } from "fs/promises";
 import logger from "./logger.utils";
 import { Request, Response } from "express";
@@ -210,12 +211,10 @@ export const createAuthHeaderConfig = async (request: any) => {
 };
 
 const createBppWebhookAuthHeader = async (request: any) => {
-  const sodium = _sodium;
   const key = getConfig().app.sharedKeyForWebhookHMAC || "";
-  const keyUint8Array = sodium.from_string(key);
-  const messageUint8Array = sodium.from_string(JSON.stringify(request));
-  const hmac = sodium.crypto_auth(messageUint8Array, keyUint8Array);
-  return sodium.to_hex(hmac);
+  const hmac = crypto.createHmac('sha256', key);
+  hmac.update(JSON.stringify(request));
+  return hmac.digest('hex');
 };
 
 export const createBppWebhookAuthHeaderConfig = async (request: any) => {