Product update: Improved Webhook integration security
We are constantly improving our integrations. This time we focused on security of our Webhook integration.
Webhooks deliver data to publicly accessible URLs. They are often secured just by obscuring the endpoint urls (where every user obtains a unique URL to send webhook data to). Anyone with the knowledge of the endpoint's url can send data to it.
We've added an optional extra security layer to our webhooks. You can now specify a "secret" token which will be used by Ybug to compute a signature of the payload sent to your webhook endpoint. Every webhook request then contains the X-Ybug-Signature header with this signature. This way, you can verify that the webhook request really originated from Ybug.
Please read our documentation to learn more.