Hi,
I’m setting up a webhook and was wondering what the best practice is to secure this?
Also is there a way to validate the incoming request ip/host with the validator ?
Thanks in advance!
1 Like
Hi @rolf
Thank you for getting in touch with us through the Alumio forum.
In order to validate the source IP address of the webhook request, you can use a Header Matcher to validate forwarded header with the value of for=IP_ADDRESS;proto=https. Please replace the IP_ADDRESS with the source IP address of the webhook request.
See the below screenshot as an example, where the IP address is stored in an environment variable called IP_ADDRESS_1.
Please give it a try and let us know if you find any problems.
2 Likes