Hi, I have webhooks set up in my company’s Apigee account and I’m wondering if there’s way to ensure the webhook requests sent by Apigee are authentic (and not sent by a malicious third party posing as Apigee). Is there an IP range for which we can check? Or maybe there is a signature header that can be enabled? What’s your recommended best practice here?
Thanks!
Jon
LinkedIn
Twitter
