from_taiga.py

import requests
import json

url = 'http://127.0.0.1:8000/th/api/taiga/webhook/123'

headers = {
    "X-TAIGA-WEBHOOK-SIGNATURE": '5ff287f1565a40de55fbf1809a3781574e828f9c',
    "X-Hub-Signature": "sha1={}".format('5ff287f1565a40de55fbf1809a3781574e828f9c'),
    "Content-Type": "application/json"
}

data = json.dumps({
    "type": "test",
    "by": {
        "id": 6,
        "permalink": "http://localhost:9001/profile/user1",
        "username": "user1",
        "full_name": "Purificacion Montero",
        "photo": "//media.taiga.io/avatar.80x80_q85_crop.png",
        "gravatar_id": "464bb6d514c3ecece1b87136ceeda1da"
    },
    "date": "2016-04-12T12:00:56.335Z",
    "action": "test",
    "data": {
        "test": "test"
    }
}
)
request = requests.post(url, data=data, headers=headers)
print(request)

views.py

import hmac
import hashlib

from rest_framework.response import Response
from rest_framework.decorators import api_view

def verify_signature(key, data, signature):
    mac = hmac.new(key.encode("utf-8"), msg=data, digestmod=hashlib.sha1)
    return mac.hexdigest() == signature


@api_view(['POST'])
def taiga(request, key):
    signature = request.META.get('HTTP_X-TAIGA-WEBHOOK-SIGNATURE')   # does not work, Header not received :/
    print(signature)
    
    if verify_signature(key, request.data, signature):
        return Response({"message": "Success"})
    else:
        return Response({"message": "Failed!"})

HTTP_X_TAIGA_WEBHOOK_SIGNATURE does the trick